1. Dao Dinh Kha National Centre of Digital Signature Authentication - Agency of Information Technology Application A vision on a national Electronic Authentication Infrastructure MINISTRY OF INFORMATION AND COMMUNICATIONS Symposium on buiding an Electronic Authentication Infrastructure for the deployment of online public services and administration reform

2. NCDSA ROOTCA  2 Introduction of an effort of Viet Nam in building a nation-wide infrastructure for effectively securing electronic transactions Agenda 1.Introduction 2.Electronic transactions trend 3.Business requirements for an electronic Authentication Framework 4.Outline an Electronic Authentication system 5.Conclusion Agenda

3. NCDSA ROOTCA  3 Demand for electronic transactions Increasing trend of electronic transactions Communication channel between state agencies and society E-commerce and commercial support activities International agreements Effort of Viet Nam in e-government development Vietnam’s rank in terms of the e-gov readiness index improved E-government: …where Internet and related technologies has the potential to transform the structures and operation of government (UN). Transactions between the administration and its citizens, private sector going to be online

4. NCDSA ROOTCA  4 The information security requirements for electronic transactions Confidential/ P rivacy A uthentication I ntegrity N on-repudiation Without information security measures: PAIN Modern ways to secure electronic transactions Information security for electronic transactions

5. NCDSA ROOTCA  5 Some major PKI projects: Toward e-government development Ongoing PKI projects E-Tax, E-custom: MOF E-Banking: VSB E-Certificate of Origin, Chemistry registration: MOIT E-Intellectual Property: MOST E-Procurement: MPI Others projects in the IT application plan 2010 Integrated E-mail system Document sharing

6. NCDSA ROOTCA  6 Multi Factor Tokenc Very High High Average Standard Low A mouse click Knowledge- based Pin/Password - PKI Cost Level of authentication Levels of Authentication Information security requirement: case by case High: Payment in a commercial deal Low: Transportation fee payment Banking electronic transactionsc Not every transaction requires all PKI properties The common requirement is authentication Criteria to select appropriate measures

7. NCDSA ROOTCA  7 Lesson from abroad The reference countries USA Australia Singapore Other countries The concepts: Authentication principles and the mechanism to facilitate these principles Electronic Authentication Framework (NeAF) and Infrastructure to facilitate the framework (NeAS)

8. NCDSA ROOTCA  8 Toward a nation-wide electronic authentication framework Goals Protect investment Facilitate simple solutions for applications encompassing authentication functions Easy the technology upgrade Scope Scope: Concentrate on the government activities

9. NCDSA ROOTCA  9 NeAF: Project In the framework of WB Project: Consultancy on a PKI scheme to support e-Government development and on a Proposal for the National e-Authentication Framework With cooperation of leading international and regional Information security vendors Tentative finish date: 2011

10. NCDSA ROOTCA  10 NeAF: Project organization Supporting team work leaded by NCDSA (AITA, MIC) Our mission: Determine appropriate objectives Support and assistant Technology and knowledge transfer (to action) Monitor the quality

11. NCDSA ROOTCA  11 NeAF: Objectives Develop a proposal for the national e- Authentication framework that consists of: Principles and methodologies Technologies, policies, procedures, and assessment framework for electronic transactions in e-Government development and socio-economic development. Architecture, main technical specification of authentication service components, and their interface specifications. Develop the capacity to build up expertise for e- Authentication.

12. NCDSA ROOTCA  12 NeAF: Issues Manage the risks associated with the online transactions in the future e-Government of Vietnam and e-Commerce Considering all authentication risk factors Help determine the appropriate authentication methods for each electronic transaction type Deliver an outline design for the electronic authentication system based on the framework For futute investment proposal

13. NCDSA ROOTCA  13 NeAF: Reference Address most issues that have occurred in authorizing electronic transactions in IT advanced countries The reference countries are USA, Canada, Australia and Singapore. The international experience from the work being conducted under the STORK and PEPPOL projects relating to adoption of PKI in electronic IDs and public procurement processes in the EU will be specially interested in. The designs’ reference countries are USA, Canada, and Australia.

14. NCDSA ROOTCA  14 NeAF: Feature requirements Main Issues for National e-Authentication Framework and electronic Authentication system Risk Management Security Privacy Disclosure Requirements Complaints Handling Standards

15. NCDSA ROOTCA  15 NeAF: Feature requirements ( cont. ) Main Issues for National e-Authentication Framework and electronic Authentication system Scalability Balance Principles Authentication assurance levels Approach Cost- Effectiveness Integration

16. NCDSA ROOTCA  16 Implementation: Model and components National Electronic Authentication System: Provide authentication services to agencies and public electronic transactions. Federated Authentication Model: With multiple types of credentials Components Application Service Providers Credential Service Providers: Support 3 rd parties End Users Authentication scenario assertion-based certificate-based

17. NCDSA ROOTCA  17 CSP(s) Ministry A Website Branh B Portal Operation Model of NecAS User(s) Select the level of authentication based on business requirements Credential type A Credential type B

18. NCDSA ROOTCA  18 Provide user authentication services to state agencies’ public websites, focus on: Key agencies Only administrative public services Performance requirements for the 1 st phase Able to serve around concurrent 100 authentication requests. Not every access needs authentication. National Authentication Systems ( Phase I )

19. NCDSA ROOTCA  19 To extend in the future to cover all public services Promote PPP Extending capabilities and integrated technologies Implement multiple types of credential Improving performance National Authentication Systems ( Phase II )

20. NCDSA ROOTCA  20 Conclusion Data sharing requires information security and authentication NeAF and NeAS help efficient development of e- gov applications that need authentication Firm infrastructure invested by government and PPP are needed

21. Thank you very much! National Centre of Digital Signature Authentication (AITA, MIC) E-mail: dinhkha@mic.gov.vn Tel: 0983 264 287dinhkha@mic.gov.vn