Presentation is loading. Please wait.

Presentation is loading. Please wait.

National Informatics Center

Published byNeal Garrett Modified over 6 years ago

Similar presentations

Presentation on theme: "National Informatics Center"— Presentation transcript:

1 National Informatics Center
Key Management System for RSBY Smart Card National Informatics Center

2 Why with Smart Card ? Basic purpose for induction of Smart Cards as RSBY card is to provide, Capability to store data on-board into the chip for field usage Capability to perform authentic field transactions Providing correct entitlement details for service delivery Ease of handling Inbuilt mechanism to verify the authenticity of card after issuance, thereby checking the fake duplication

3 National Informatics Center
How above is achieved ? Using intelligent processing capability of smart card. Possible to run complex encryption algorithms on the chip. Encryption technology is the basis of smart card security Encryption technology requires complex mathematical algorithms and key for encryption. National Informatics Center

4 National Informatics Center
Key Management System KMS is the basic requirement for implementing Smart Card Security. It provides following Establishing Authenticity of Card that verifies the authenticity of card at field. Protection against un-authorized tampering of data which means provide a mechanism for card modification only by authorized agencies or persons. National Informatics Center

5 National Informatics Center
How KMS Works ? Authority Card Master Key Health Card Derived Key Random Data Encrypt Decrypt and Match Original Data Cryptogram Interface Device National Informatics Center

6 Three Tier Structure of KMS
The KMS will consist of three levels of operation for generation and Management of Keys and related Cards:- Central Key Generation Authority District Key Manager Field Key Officer Issuer Kiosk Hospital National Informatics Center

7 National Informatics Center
Hierarchy of Levels CKGA District Level District level FKO Issuer Hospital Kiosk RSBY Cards National Informatics Center

8 National Informatics Center
CKGA (Central Key Generation Authority) Parent Keys and Master Key Derivation C-NOC P1 P2 P3 P4 P5 MK1 MK2 MK3 MK4 National Informatics Center Master Key Cards

9 Central Key Generation Level
All Authority Cards are produced at Central Key Generation Level. Any three trusted agents need to come together with Parent key cards in order to generate required type and numbers of Authority Cards. It must be within MoL&E. Custodian of Upper layers of Keys (Parent Keys) Generation and Keeping All Master Keys derived from Parent Keys shall be generated at CKGA Physical Security of premise is required. Ministry to appoint CKGA Nodal Officer. National Informatics Center

10 National Informatics Center
Master Key Cards Generated at CKGA Used for field operations Issuance Card (MIC) Kiosk Card (MKC) Hospital Card (MHC) National Informatics Center

11 National Informatics Center
District Key Manager Responsible for distribution of Master Key cards among various FKO’s within the district. Maintains the database of all the Master Key cards issued. Receive request for Master Key cards , personalize them and distribute it to various FKO’s Sends request for fresh Master Key Cards to CKGA Recharging of Master Issuance Cards, which have exhausted their issuance limit. These processes also require a secure infrastructure for performing various KMS related operations. Issuance of Master Key Cards Modification of Master Key Cards PIN Unblocking of Master Key Cards Data Download from MIC Card for Cards issued. National Informatics Center

12 National Informatics Center
ISSUANCE OF RSBY CARD Rashtriya Swasthya Bima Yojna Cards are generated with the help of Master Issuance cards (MIC). is the ultimate point of usage of Master Issuance card for issuance . FKO is the entity which is responsible for safe keeping and safe usage of these cards, while they are in use. responsibility is to ensure and see to it that all the defined security guidelines are strictly being followed at the field by various trusted authorities which are using authority cards for various functionalities. National Informatics Center

13 National Informatics Center
Card Issuance at Field Key Derivation FKMA URN Master Key Health Card Derived Key beneficiary National Informatics Center

14 FKO (Field Key Officer) Issuance
Field Level KMS Authority Must be part of Government Performs the key Derivation at the Issuance of Card Can performs authorized card modifications Usage protected by PIN National Informatics Center

15 FKO (Field Key Officer) Hospital
Issued by DKM Performs card Modifications authorized at Hospital Usage protected by PIN National Informatics Center

16 FKO (Field Key Officer) Kiosk
Perform Kiosk Operations Can Issue New Card Can Modify existing Card Usage similar to Issuance Card Usage Protected by PIN Can be programmed for Limited number of usage National Informatics Center

17 National Informatics Center
Thanks ! National Informatics Center

Download ppt "National Informatics Center"

Similar presentations

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.

Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 “draft-urien-eap-smartcard-type-00.txt” EAP Smart Card Protocol (EAP-SC)

1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 “draft-urien-eap-smartcard-type-00.txt” EAP Smart Card Protocol (EAP-SC)
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
CTO Office Reliability & Security Distinctions and Interactions Hal Lockhart BEA Systems.

CTO Office Reliability & Security Distinctions and Interactions Hal Lockhart BEA Systems.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Chapter 8 Web Security.

Chapter 8 Web Security.
1 Mon. December 3, 2001A Secure National ID Card Group 8 Chris Marinak Mike Cuvelier Adam Sowers Saud Bangash.

1 Mon. December 3, 2001A Secure National ID Card Group 8 Chris Marinak Mike Cuvelier Adam Sowers Saud Bangash.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.

System Design/Implementation and Support for Build 2 PDS Management Council Face-to-Face Mountain View, CA Nov 30 - Dec 1, 2011 Sean Hardman.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
Secure Electronic Transaction (SET)

Secure Electronic Transaction (SET)
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Clifford Neuman Jeffrey I. Schiller.

Kerberos: An Authentication Service for Open Network Systems Jennifer G. Steiner Clifford Neuman Jeffrey I. Schiller.

Similar presentations

Ads by Google