Government of India Department of Electronics and Information Technology Ministry of Communications and Information Technology.

Slides:

Advertisements

Similar presentations

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

Advertisements

TNC 2008 / Short Lived Credential Service Implementation Based on National AAI Short Lived Credential Service Implementation Based on National AAI Emir.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

  Generic and configurable application to provide an electronic delivery for the services.  Provides a single, unified,

Presented by: Doug Falk National Student Clearinghouse Student Access to Federal Loan Data and Other Online Student Services.

15June’061 NASA PKI and the Federal Environment 13th Fed-Ed PKI Meeting 15 June ‘06 Presenter: Tice DeYoung.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

August 2004 Providing Industry-wide Security and Identity Management Solutions.

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

1 Current Status of Japanese Government PKI Systems Yasuo Miyakawa*+, Takashi Kurokawa*, Akihiro Yamamura* and Yasushi Matsumoto+ * National Institute.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Generic AAA model in Grids IRTF - AAAARCH meeting IETF 52 – Dec 14 th Salt Lake City Leon Gommans Advanced Internet Research Group.

Federal Approach to Electronic Credentials For services to citizens, businesses, other governments, and employees Mary J. Mitchell Office of Electronic.

EDUCAUSE Fed/Higher ED PKI Coordination Meeting

Office of the Chief Information Officer EFCOG Annual Meeting Fred Catoe (IM-32) U.S. Department of Energy.

Emergence of Identity Management: A Federal Perspective Dr. Peter Alterman Chair, Federal PKI Policy Authority.

E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

Ronny Depoortere January 16th, 2012 Chisinau. Identification – Business Case The ability to uniquely identify citizens and foreign residents is the corner.

Identity and Access Management IAM. 2 Definition Identity and Access Management provide the following: – Mechanisms for identifying, creating, updating.

Geneva, Switzerland, September 2014 Introduction of ISO/IEC Identity Proofing Patrick Curry Director, British Business Federation Authority.

The E-Authentication Initiative: A Status Report Presented at Educause Meeting June 16, 2004 The E-Authentication Initiative.

The E-Authentication Initiative An Overview Peter Alterman, Ph.D. Assistant CIO for e-Authentication, NIH and Chair, Federal PKI Policy Authority The E-Authentication.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Best Practices in Deploying a PKI Solution BIEN Nguyen Thanh Product Consultant – M.Tech Vietnam

Ronny Depoortere 19th March, 2012 Warsaw. Identification – Business Case The ability to uniquely identify citizens and foreign residents.

THE ROLE OF CIVIL REGISTRY TO ACTIVATE THE ELECTRONIC AUTHENTICATION

Dao Dinh Kha National Centre of Digital Signature Authentication - Agency of Information Technology Application A vision on a national Electronic Authentication.

Federated Identity Management in New Zealand Sat Mandri Service Manager TNC15 REFEDs Meeting, 14 th June 2015.

E-Pramaan Standards & Specifications 19 September 2015 © Centre for Development of Advanced Computing 1.

Johnson & Johnson’s Public Key Infrastructure Bob Stahl

Payment Gateways for e-Government services 24 May 2007

GC Credential Management Evolution for the OASIS/World Bank eGov Workshop 17 th April, 2009For information, please contact:

E-GOVERNMENT IN VIETNAM Ph.D Tran Cong Yen Deputy Director Information and Communication Technology Center Ministry of Science and Technology, Vietnam.

Presented by: Presented by: Tim Cameron CommIT Project Manager, Internet 2 CommIT Project Update.

E-Authentication: Simplifying Access to E-Government Presented at the PESC 3 rd Annual Conference on Technology and Standards May 1, 2006.

Levels of Assurance in Authentication Tim Polk April 24, 2007.

U.S. Department of Agriculture eGovernment Program July 9, 2003 eAuthentication Initiative Update for the eGovernment Working Group eGovernment Program.

SWEB SWEB Security and Privacy Technologies – Implementation Aspects Venue:SWEB Day in APV, Novi Sad Author(s):Dr. Milan Marković Organisations:MISANU.

TCS Internal Use Only Grass-root Applications Potential approach for E-Gov Elitex – 2005 April 26,2005,New Delhi Tanmoy Chakrabarty TCS Limited.

U.S. Department of Agriculture eGovernment Program eAuthentication Draft Business Case Executive Summary January 2003.

State of e-Authentication in Higher Education August 20, 2004.

E-Authentication in Higher Education April 23, 2007.

Identity Federations and the U.S. E-Authentication Architecture Peter Alterman, Ph.D. Assistant CIO, E-Authentication National Institutes of Health.

Using Public Key Cryptography Key management and public key infrastructures.

E-Authentication & Authorization Presentation to the EA2 Task Force March 6, 2007.

Transforming Government Federal e-Authentication Initiative David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy.

Attribute Delivery - Level of Assurance Jack Suess, VP of IT

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Ministry of Communications and IT, Islamic Republic of Afghanistan

Creating a European entity Management Architecture for eGovernment Id GUIDE Keiron Salt

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI Evolution of AAI for e- infrastructures Peter Solagna Senior Operations Manager.

Kuk Hwan Jeong Korea Information Society Development Institute(KISDI) Nov. 5, 2014 Innovation of Public Service Delivery: Principle and Cases in Korea.

Federal Initiatives in IdM Dr. Peter Alterman Chair, Federal PKI Policy Authority.

TNC2012 Sat Mandri 21 May Acknowledgements Many thanks to: Our sponsorProject Partners 2.

The Federal E-Authentication Initiative David Temoshok Director, Identity Policy GSA Office of Governmentwide Policy February 12, 2004 The E-Authentication.

E-Authentication Guidance Jeanette Thornton, Office of Management and Budget “Getting to Green with E-Authentication” February 3, 2004 Executive Session.

EAuthentication – Update on Federal Initiative Jacqueline Craig IR&C September 27, 2005.

Identity Management Overview

A National e-Authentication Service

ESign Aashutosh.

eGovernance Services Delivery Framework

Unique Identification Number Project

U.S. Federal e-Authentication Initiative

NAAS 2.0 Features and Enhancements

Technical Approach Chris Louden Enspier

HIMSS National Conference New Orleans Convention Center

Presentation transcript:

Government of India Department of Electronics and Information Technology Ministry of Communications and Information Technology

Meaning 1 HindiEnglish e-Pramaane-Authentication

Several e-Governance initiatives undertaken across country Increasing need for e-Authentication of users accessing online services through web/mobile Lack of standard, consistent and robust e-Authentication mechanisms Inadequate and disparate across various applications Mostly offline methods Lack of uniformity in the authentication methods Different ID proofs needed for accessing similar public services Need 2

Consistency in government processes for e-Authentication 1 Services are delivered to the authorized recipient 2 To avoid duplication of authentication infrastructure and reduce the cost and efforts 3 Enable Single Sign-on across various government applications 4 Incorporate Aadhaar based authentication in e-Authentication mechanisms 5 Guidelines for determining the authentication assurance levels 6 Objectives 3

Implementation Approach 4

e-Pramaan: The Framework

Identity Management Authentication Credential Registration Single Sign-On Website Authentication Fraud Management Framework | Key Components 5

Level 1 Level 2 Level 4 Level 3 Framework | Authentication Levels 6

e-Pramaan: Specifications & Guidelines

Incorporates Global Standards in e-Authentication IEEE, NIST Supporting Text Collaborative Developed in consultation with industry and academia Supporting Text Open Based on open standards Supporting Text Specifications and Guidelines 7

Standards Incorporated 8 HMAC based (HOTP) RFC 4868 Time based OTP (TOTP)RFC 6238 SMS/ based OTPRFC 2289 PKI/Digital Certificates X.509 v3 certificate standard, as specified in RFC 5280 BiometricsIEEE, ISO, NIST Demographics Demographics Standards issued by Govt. of India SSOSAML v2.0 CommunicationSSL 3.0/TLS 1.0 EncryptionRSA 2048/ECC/AES

e-Pramaan: The Project

e-Pramaan - Authentication as a Service 9 Authenticated

e-Pramaan in eGov ecosystem 10

e-Pramaan Value Proposition 11 Shared infrastructure for e-Authentication needs Easy on-boarding – minimal change at the application level of department Saving cost, time and other resources Value Addition to Aadhaar authentication Obviates the need of departments being AUA Provide ASA services Centralized AUA/ASA service – so implementation issues, reporting, fraud monitoring etc will be handled at one place Enable federated authentication – will allow use of other credentials as PAN, passport etc as per the requirement of departments PKI (Digital Signature) based authentication also included Single Sign-on Authentication even for mobile based delivery of services Fraud Management

Thank You