Presentation is loading. Please wait.

Presentation is loading. Please wait.

How to introduce a unified authentication module using VISS infrastructure? For state institutions and local governments.

Published byAnnice Hensley Modified over 8 years ago

Similar presentations

Presentation on theme: "How to introduce a unified authentication module using VISS infrastructure? For state institutions and local governments."— Presentation transcript:

1 How to introduce a unified authentication module using VISS infrastructure? For state institutions and local governments

2 Introduction What is unified authentication and what are it's possibilities? Unified authentication main steps How to introduce unified authentication module step by step? Frequently asked questions Useful information sources Contact information 2 Contents

3 What is the data exchange solution and what are its possibilities? 3

4 Unified authentication – a part of VISS infrastructure 4 State Information System Integrator State registers and state information systems Public environment Working environment Single login module Payment module Commercial banks e-signature eID card E-servicesPublic Service Directory

5 5 What is unified application? Unified application ensures the possibility to identify the portal users using identification provider's (OCMA - e-ID card, LSRCT - e-signature, credit institution payment systems) authentication means

6 Authentication number in 2015 More than 2.2 million times used in 2015 (+155% compared to year 2014) Used in 26 portals Number of authentications via the single login module in 2015 19,609 24,762 273,257 1,062,112 1,338,252 Construction IS of the Ministry of Economics Portal of the State Unified Computerised Land Register Portal of the Road Traffic Safety Directorate SRS Electronic Declaration System Latvija.lv portal 6

7 The most active users of the single login module Culture information system center State Regional Development Agency Courts administration Expert application system of the State Culture Capital Foundation Project application system of the State Culture Capital Foundation Joint catalogue of national museum collection Digital culture map of Latvia Geolatvija.lv Latvija.lv VISS.gov.lv Electronic auction portal Tiesas.lv Portal of the State Unified Computerised Land Register 7

8 Advantages of single login 8 Convenient and secure identification: on Latvija.lv; on other portals of institutions. There is no need to create new solutions and enter into cooperation agreements with other identification providers. There are two identification ways available: with an eID card and e-signature; via the Internet banking system (currently, 7 Internet banking systems). Single sign-on – with single identification, a user can conveniently access the portals where a unified login module with this solution is integrated

9 New unified login solutions are planned for 2016 Right now physical persons can authenticate, but in 2016 authentication for legal persons will be introduced: It is also planned to develop cross-border authentication Signatory persons Authorized person Heads of institutions 9

10 What is the functionality of a unified logon module? 10

11 The involved in a unified logon module introduction InstitutionSRDA Banks OCMA LVRTC SRDA provides cooperation with identification providers 11

12 12 Client (E-services User) Credit institution (internet banking which the client has chosen) 5. Inform VISS about an identified client/forward a client to Portal 6. Receive on e-service Portal 4. Identify a client 2. Show an authentication form 1. In the portal a credit institution is chosen with which identification will be performed 3. Input authentication information VISS The functioning of the single login module

13 13 How to introduce unified authentication module step by step?

14 How the unified authenticatio introduction works: This step can be omitted Institution liability SRDA liability * Maintenance Introduction into products Development* Co-operation Agreement Initiation of cooperation Accept testing 1. 3. 4. 5. 6. 7. Signing an acceptance deed 2. 14

15 1. Initiation of cooperation 15 Responsible person: Institution To be performed: Institution addresses SRDA using an e-mail motivating the usage aim and necessity If SRDA accepts* provision of the service, an institution sends a filled in cooperation event registration blank (institution also chooses, which identification providers are necessary) Banks reply to SRDA or accept the cooperation with the institution SRDA registers a cooperation and starts together with an institution to create connections *A module can be used by state institutions and municipalities that provide public service, SRDA evaluated for example the provision for corporations

16 Connection establishment Development SRDA coordinates connection establishment and informs the institution about: An institution sends: Testing Introduction into products IP addresses from which the module will be initiated URL address to which the module will have to hand over the data of the identified user Both parties have to exchange the certificates (Within the module on the level of messages the encoding is performed, X.509 standard and at least 2048 bit key length appropriate third party issued certificate or a certificate signing request) SRDA unified logon module service test environment address SRDA party certificates which a client has to import on their side of the servers VRAA sends a REALM unique connection identifier 16

17 2. CO-OPERATION AGREEMENT 17 Responsible person: SRDA and an institution To be performed: Before the introduction of the unified authentication it is necessary to conclude a cooperation agreement between the institution* and SRDA using the typical interagency agreement form provided by SRDA Advantage for an institution - it is not necessary to sign an agreement separately with each identification provider *In accordance with State Administration Structure Law interagency agreement institution has to be agreed upon with it's superior institution (ministry), that is why this process intends more timeState Administration Structure Law

18 3. Development* 18 Responsible person: Institution To be performed: An institution organizes the process of development in accordance with the available documentation of VISS SRDA provides consultative support Programmer's manual (VISS Safety talon service) This step can be omitted*

19 4. Acceptance testing 19 Responsible person: Institution To be performed: An institution performs accept tests and informs SRDA about the completion of the tests SRDA VISS test environment perform the verification - if during the time mentioned by the institution there have been successful authentication attempts, an institution can prepare an acceptance test act

20 5. Signing an acceptance deed 20 Responsible person: Institution To be performed: An institution fills in SRDA act template SRDA complements, coordinates an act and after it's signing invites the institution to send information for connection establishment in the production environment Act on E-service «Unified authenticationAct on E-service «Unified authentication»

21 6. Introduction into production 21 Responsible person: SRDA and an institution To be performed: Connection establishment term is defined by the concluded agreement between SRDA and institution

22 7. Maintenance 22 Responsible person: Institution To be performed: An institution is responsible for the introduced solution action control SRDA can if necessary provide consultative support

23 The most common problems ! ! In PHP environment it is possible to correctly use the additional message encoding level, that is why for problem solution the development in a different development environment shall be performed or you have to abandon an additional encoding. In order to solve these mistakes an in addition to the additional parameter input you have to make sure that they match with the ones sent by SRDA. Solution introduction peculiarities in PHP development environment In the configuration the the parameters are not indicated precisely thus causing the mistakes 23

24 24 Frequently asked questions What is additional encoding? It is encoding of the data to be broadcast in order to provide a full protection of the transferred data.

25 Find out more: 25 State information system integrator www.viss.gov.lvwww.viss.gov.lv Unified authentication module documentation https://viss.gov.lv/lv/Informacijai/Dokumentacija/Koplietosan as_komponentes/Vienotas_pieteiksanas_modulis https://viss.gov.lv/lv/Informacijai/Dokumentacija/Koplietosan as_komponentes/Vienotas_pieteiksanas_modulis

26 Contact information For communication with the specialists of the Information System Development Department: e-mail: epak@vraa.gov.lvepak@vraa.gov.lv 26

27 How to introduce a unified authentication module using VISS infrastructure? For state institutions and local governments

28 The basic functionality of a unified logon module Sign in (sign-in) Sign out (sign-out)

29 Sign in Service provider (SP) Unified authentication (UA)Authentication provider (AP) SP server UA moduleAP usage Access request 1 5 5 POST (talon) POST (talon) 2 34 Talon request (browser redirect) Authenti- cation request (browser redirect) Personal data (browser redirect) Protected resource Internet browser

30 Sign out Requestor Browser Requestor IP/STS WS Resource 1. 2. 3. 4. 5. 6. Access Sign-Out at Resource Request Sign-Out Perform Sign-Out Sign-Out complete Perform Sign-Out

Download ppt "How to introduce a unified authentication module using VISS infrastructure? For state institutions and local governments."

Similar presentations

Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.

Taxpayers registration and e-services provided by the Estonian Tax and Customs Board Karin Aleksandrov Chief Expert Service Management Department.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Statewide Vendor Registration Instructions

Statewide Vendor Registration Instructions
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.

Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
1 Computerised National Land Book of Latvia Ints Lukss Project Manager MikroKods Ltd.

1 Computerised National Land Book of Latvia Ints Lukss Project Manager MikroKods Ltd.
E-tax system stages 1.Stage 1 - Information: online information about public services 2.Stage 2 - Interaction: downloading of forms 3.Stage 3: Two-way.

E-tax system stages 1.Stage 1 - Information: online information about public services 2.Stage 2 - Interaction: downloading of forms 3.Stage 3: Two-way.
How to get your free Windows Store Access

How to get your free Windows Store Access
Ministry for Economic Development of the Russian Federation March 2010 Oleg Pak, Head of the Department for State Regulation of the Economy Formation of.

Ministry for Economic Development of the Russian Federation March 2010 Oleg Pak, Head of the Department for State Regulation of the Economy Formation of.
Ministry of Transport, Information Technology and Communications Technological base: Interoperability Tsvetanka Kirilova Ministry of TITC Bulgaria.

Ministry of Transport, Information Technology and Communications Technological base: Interoperability Tsvetanka Kirilova Ministry of TITC Bulgaria.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.

INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Use of Electronic Digital Signature in the Russian Federation.

Use of Electronic Digital Signature in the Russian Federation.
InterSwyft Technology presentation. Introduction InterSwyft brings secured encrypted transmission of SMS messages for internal and external devices such.

InterSwyft Technology presentation. Introduction InterSwyft brings secured encrypted transmission of SMS messages for internal and external devices such.
X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.

X-Road (X-tee) A platform-independent secure standard interface between databases and information systems to connect databases and information systems.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Ministry of State Administration and Administrative Reform 1 eGovernance LEFIS Workshop 5 th Meeting Sofia 2-3 June 2006 Alexander Ognianov Ministry of.

Ministry of State Administration and Administrative Reform 1 eGovernance LEFIS Workshop 5 th Meeting Sofia 2-3 June 2006 Alexander Ognianov Ministry of.
“NATIONAL CHAMBER OF PRIVATE BAILIFF OFFICERS ” in the new era of the online execution SIAIP INTRODUCTION 16 th of December 2014.

“NATIONAL CHAMBER OF PRIVATE BAILIFF OFFICERS ” in the new era of the online execution SIAIP INTRODUCTION 16 th of December 2014.
Collaboration and Content Customer solution case study The Yaroslavl region Government creates knowledge base of public authorities of the Yaroslavl region.

Collaboration and Content Customer solution case study The Yaroslavl region Government creates knowledge base of public authorities of the Yaroslavl region.

Similar presentations

Ads by Google