Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services.

Published byKasandra Snee Modified over 9 years ago

Similar presentations

Presentation on theme: "© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services."— Presentation transcript:

1 © Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services

2 © Southampton City Council Sean Dawtry – Southampton City Council SmartPath Sean Dawtry Corporate IT Consultant Southampton City Council E-mail s.dawtry@southampton.gov.uks.dawtry@southampton.gov.uk Tel 023 8083 2983

3 © Southampton City Council Sean Dawtry – Southampton City Council Agenda Overview of SmartPath Principles Project Scope PKI How Does it Work Main Partners Issues The Future

4 © Southampton City Council Sean Dawtry – Southampton City Council Overview Develop Robust/Resilient Security Infrastructure for Electronic Service Delivery. Though Development of PKI Build Around Existing SmartCities Scheme Available from Kiosks, PCs in Libraries 6000 Citizens

5 © Southampton City Council Sean Dawtry – Southampton City Council Principles Bridge Digital Divide Through SmartCard Secure Needed Real World Application –Housing Repairs Portability and Interoperability

6 © Southampton City Council Sean Dawtry – Southampton City Council Scope Business Process Development –SmartCities –Housing –PKI/Certificate Management Infrastructure Development System Design Integration –With Back Office –SmartCities Secure Portal Intuitive User Interface

7 © Southampton City Council Sean Dawtry – Southampton City Council PKI PKI (Public Key Infrastructure) –Enables users of a unsecured public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. –The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.

8 © Southampton City Council Sean Dawtry – Southampton City Council Digital Certificate A digital certificate is an electronic “passport" that establishes your credentials when doing business or other transactions on the Web. It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key, and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real. Some digital certificates conform to a standard, X.509.

9 © Southampton City Council Sean Dawtry – Southampton City Council Digital Certificate Can be held –Web Browser –USB Token –Smartcard

10 © Southampton City Council Sean Dawtry – Southampton City Council CA and RA Certificate Authority –Organisation responsible for issuing and revoking certificates Registration Authority –Organisation responsible for performing the registration process and verifies the identification of the individual

11 © Southampton City Council Sean Dawtry – Southampton City Council CA and RA Southampton City Council –currently performs the CA function. Smartcities –Currently performs the RA function Both are currently one in the same

12 © Southampton City Council Sean Dawtry – Southampton City Council CP and CPS Certificate Policy –Lays down the CA’s legal obligations –Liabilities –Holders obligations Certificate Practice Statement –Details the processes by which the PKI will be managed i.e. Physical Controls, Personnel Controls, backup and recovery

13 © Southampton City Council Sean Dawtry – Southampton City Council CP and CPS How do they relate –The Certificate Policy generally states WHAT is to be adhered to. The Certificate Practice Statement states HOW it will be adhered to

14 © Southampton City Council Sean Dawtry – Southampton City Council Verification Meets Office of the E-Envoy’s authentication framework Applicant must produce two forms of approved documents to verify identification

15 © Southampton City Council Sean Dawtry – Southampton City Council Benefits of PKI Entity Authentication –Verifies the Identity of a person or organisation Data Confidentiality –Ensures transmitted data is secure Data Integrity –Ensures that data is not tampered with in Transit

16 © Southampton City Council Sean Dawtry – Southampton City Council Benefits of PKI Non Repudiation –Neither party can deny transaction ever took place Privilege Management –Policies that govern access to sensitive data

17 © Southampton City Council Sean Dawtry – Southampton City Council Why PKI E-Government programme opens up more data to more people Could be sensitive Need to ensure interest of all parties are taken into consideration Important to know who is at the ‘other end’ Prevention of fraud

18 © Southampton City Council Sean Dawtry – Southampton City Council Registration Create X509 Certificate Citizen Registers CMS Account created within the Card Management System Certificate Request is granted and CMS authorised to encode card Entrust Poller Poller Checks for new requests frequently CMS Informed if request is invalid FTP Certificate Request is created and stored in FTP Directory Check CRM to Determine Valid user Entrust ‘Get Access’ Account Created

19 © Southampton City Council Sean Dawtry – Southampton City Council Authentication Cardholder inserts card and PIN Certificate is copied to Cryptographic Store in Web Browser Entrust ‘Get Access’ Server CA ‘Get Access’ Server confirms that certificate is valid and performs authentication process Web Client ‘Get Access’ acts as a proxy server for resources from SCC application server through firewall e.g. Housing Repairs All communication between BEA Weblogic and the user occurs through the firewall and the ‘Get Access’ Server BEA Weblogic Server SCC Back office Systems

20 © Southampton City Council Sean Dawtry – Southampton City Council Entrust ‘Get Access’ Server Data SCC Once completed Data Flush takes place to remove the certificate from the browser Authentication

21 © Southampton City Council Sean Dawtry – Southampton City Council Lost/Stolen/Blacklisted Cards Card Loss Report –Smartcities Creates a ‘Hotlist’ –‘Hotlist’ Sent to SmartPath –Checked – Certificate and Account Revoked –New Card Requested if Necessary –Registration Process Begins

22 © Southampton City Council Sean Dawtry – Southampton City Council Issues Take Up –Hindsight is a good thing –Public Perception ‘Leading Edge’ –Some Components ‘volatile’ 2 pence pieces! –Jammed in Card Readers Certificate Practice/Policies –Lots of work

23 © Southampton City Council Sean Dawtry – Southampton City Council Main Partners ECSoft –Primary Integration Partner Entrust –PKI –Security and Authentication Smartcities/SchlumbergerSema –Smartcards and Smartcard Integration

24 © Southampton City Council Sean Dawtry – Southampton City Council The Future Develop Key Components as a Product that Could Implemented Elsewhere Share Documents –Certificate Practice Statement –Certificate Policy –Design Documents Add more Services –Requiring higher security levels Revenues and Benefits Secure Payments (in and out) Social Care

25 © Southampton City Council Sean Dawtry – Southampton City Council The Future Develop as a National model Integrate With UK-Online Obtain T-Scheme Approval

26 © Southampton City Council Sean Dawtry – Southampton City Council

Download ppt "© Southampton City Council Sean Dawtry – Southampton City Council The Southampton Pathfinder for Smart Cards in public services."

Similar presentations

What is. Digital Certificate It is an identity.

What is. Digital Certificate It is an identity.
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
(n)Code Solutions A division of GNFC

(n)Code Solutions A division of GNFC
Planning a Public Key Infrastructure

Planning a Public Key Infrastructure
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Electronic Filing Case Study NSW Land and Environment Court.

Electronic Filing Case Study NSW Land and Environment Court.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.

Chief Information Officer Branch Gestion du dirigeant principal de l’information “We will have a world class public key infrastructure in place” Prime.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
© Southampton City Council Sean Dawtry – Southampton City Council Implementing a PKI The Southampton Pathfinder for Smart Cards in public services.

© Southampton City Council Sean Dawtry – Southampton City Council Implementing a PKI The Southampton Pathfinder for Smart Cards in public services.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

Similar presentations

Ads by Google