Comprehensive National Authentication Framework using Digital Certificate and One Time Passwords
Rajan Raj Pant, Controller
Office of Controller of Certification, Ministry of Science & Technology
The State of User Authentication
  • Passwords still dominate, but continue to weaken
  • The need for strong authentication continues to grow
  • Increasing number of business processes moving online
  • Employee mobility expanding – demand for anywhere anytime access to information
  • Compliance and notification laws proliferate
  • Phishing attacks have increased dramatically (see www.antiphishing.org)
Digital Certificates
  • Digital certificates: an electronic document that utilizes a method to bind together:
      • A public key
      • An identity
  • Can be used to verify that a public key belongs to an individual
One Time Passwords (OTP)
  • OTP on-demand
  • Delivered:
      • Via hardware token
      • Software application on PC or smart device
      • Over an SMS channel
  • Can only be used once
  [Figure labels: Hardware Token, Software Token on PC, Software Token on Mobile Device]
Lightweight OTP and Legal validity using Digital Certificates – Mantra of Hybrid Authentication
  • All Citizen Centric Internet Applications can utilize the single Authentication framework without having to reinvest in citizen registration, thereby saving thousands of dollars in user management
  • Applications can choose OTP for lightweight authentication, and Digital Certificates where non-repudiation and digital signing may be necessary. Not all applications require digital signatures, but all applications definitely need “strong 2 Factor Authentication”
  • Citizens would be safe from password based vulnerabilities and would also not be required to remember multiple authentication schemes across the various public and private enterprises, thereby increasing convenience manifold
  • With government support a uniform and strong authentication service would be available for all to access – a major deterrent for technology adoption is the initial cost of procurement and maintenance – this is completely eliminated by the government providing the same as a service to all enterprises and citizens alike
  • The framework can be easily extended to newer authentication technologies, e.g. Risk Based authentication, Knowledge based authentication etc.
  [Figure labels: OTP Authentication, PKI Authentication & Services, eCommerce Site, Internet Banking Site]
Digital Certificate Management Components
  [Diagram labels: Registration Manager; Certificate Manager; User Validation Client; Key Recovery Manager; Web Server; Card Manager; Validation Manager]
CCA Digital Certificate Management Components
Digital Certificate Solutions: Providing Secure Business Transactions
  • Device authentication
  • Digital Signing
  • E-mail encryption
  • Extended validation SSL certificates
  [Figure labels: Identity validation, Device identification, Non-repudiation support, Confidential communications, Trusted websites]
NEPAL and ICT
  • Southern Asia, between India and China
  • ISP = 12, Telecom Operator = 4
  • Area: 147,181 sq km, Land: 143,351, Water: 3,830 sq km
  • Population: 29,391,883 (June 2011), country comparison to the world: 41
Land of Yeti
Land of Mt. Everest
Land of Buddha
Vision
“The Value Networking Nepal” through:
  • Citizen-centered service
  • Transparent Service
  • Networking Government
  • Knowledge Based Society
Nepal Factsheet
  • Population: 29,391,883 (June 2011), country comparison to the world: 41
  • Internet hosts: 43,928 (2010), country comparison to the world: 91
  • Internet users: 2,426,357 (June 2011), country comparison to the world: 116
  • Internet penetration: 8.49 %
  • ETA 2006, IT Policy, Password Practices, IT Security Guidelines (to be passed)
  • Current Penetration of Mobile: 24.35 %
Rural Network
IT Trends in Nepal
  [Diagram labels on a Present-to-Future axis: E-mail, Facebook, Skype, IRD Online Tax Return, PKI, E-Passport, E-Banking, Online Postbox, NID, DR Center, GIDC, Mobile Cash, Digitization of Land Map, Vehicle Registration, GEA]
Technology Architecture - Security
  [Diagram labels]
  • Security Layers: Applications Security, Services Security, Infrastructure Security
  • Security Planes: End User Plane, Control Plane, Management Plane
  • Security Dimensions: Access Control, Authentication, Non-Repudiation, Data Confidentiality, Communications Security, Data Integrity, Availability, Privacy
  • Threats: Destruction, Corruption, Removal, Disclosure, Interruption
  • Also labelled: Vulnerabilities, Attacks
Initiations
  • ITERT
  • IT Security Guidelines
  • Code of Conduct for IT
  • Government Network
Cyber Crime
  • 21 Cases so far reported
  • Mostly Social Engineering from Facebook
  • Hacking 38 cases up to May 2011

Más contenido relacionado

La actualidad más candente

Future of Public Key Infrastructure
Future of Public Key InfrastructureFuture of Public Key Infrastructure
Future of Public Key InfrastructureChin Wan Lim
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics PosterFaisal Razzak
 
electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engFrank Mercado
 
Digital authentication
Digital authenticationDigital authentication
Digital authenticationallanh0526
 
Chapter 06 Information Technology Act 2000
Chapter 06   Information Technology Act 2000Chapter 06   Information Technology Act 2000
Chapter 06 Information Technology Act 2000Robin Kapoor
 
Certifying authorities rules 2000
Certifying authorities rules 2000Certifying authorities rules 2000
Certifying authorities rules 2000Leo Lukose
 
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System IJECEIAES
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...PiyushHipparkar
 
Secur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm ShowSecur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm Showfmitchell
 
Electronic signature
Electronic signatureElectronic signature
Electronic signatureMelwin Mathew
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGBjorn Hjelm
 
Information technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatespptInformation technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatespptDiya Mirza
 
Mobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use CaseMobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use CasemotionQR
 
south asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjayasouth asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjayadaniduy
 
Combating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on MobileCombating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on MobileWultra
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile ConnectUbisecure
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGBjorn Hjelm
 

La actualidad más candente (20)

Future of Public Key Infrastructure
Future of Public Key InfrastructureFuture of Public Key Infrastructure
Future of Public Key Infrastructure
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
 
electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_eng
 
Digital authentication
Digital authenticationDigital authentication
Digital authentication
 
Chapter 06 Information Technology Act 2000
Chapter 06   Information Technology Act 2000Chapter 06   Information Technology Act 2000
Chapter 06 Information Technology Act 2000
 
Certifying authorities rules 2000
Certifying authorities rules 2000Certifying authorities rules 2000
Certifying authorities rules 2000
 
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
 
Secur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm ShowSecur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm Show
 
S K Sinha
S K SinhaS K Sinha
S K Sinha
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WG
 
Information technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatespptInformation technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatesppt
 
Mobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use CaseMobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use Case
 
south asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjayasouth asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjaya
 
Combating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on MobileCombating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on Mobile
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile Connect
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WG
 
Null pune 1st March-news bytes
Null pune 1st March-news bytesNull pune 1st March-news bytes
Null pune 1st March-news bytes
 

Destacado

Destacado (20)

Gramm
GrammGramm
Gramm
 
We Guardian April' 2015
We Guardian April' 2015We Guardian April' 2015
We Guardian April' 2015
 
634062fall11copyrtcarmonaversion3
634062fall11copyrtcarmonaversion3634062fall11copyrtcarmonaversion3
634062fall11copyrtcarmonaversion3
 
Prueba prezi
Prueba preziPrueba prezi
Prueba prezi
 
Jasmne thompson
Jasmne thompsonJasmne thompson
Jasmne thompson
 
My project about plants
My  project  about  plantsMy  project  about  plants
My project about plants
 
9.4 notes
9.4 notes9.4 notes
9.4 notes
 
Digital Music Production Preview
Digital Music Production PreviewDigital Music Production Preview
Digital Music Production Preview
 
Fostering Global Citizenship in the English Class
Fostering Global Citizenship in the English ClassFostering Global Citizenship in the English Class
Fostering Global Citizenship in the English Class
 
6.9 notes
6.9 notes6.9 notes
6.9 notes
 
We guardians April''13
We guardians  April''13We guardians  April''13
We guardians April''13
 
7.5 notes
7.5 notes7.5 notes
7.5 notes
 
Raspberries
RaspberriesRaspberries
Raspberries
 
Tele-homeopathy Mind Technologies- eINDIA2011
Tele-homeopathy Mind Technologies- eINDIA2011Tele-homeopathy Mind Technologies- eINDIA2011
Tele-homeopathy Mind Technologies- eINDIA2011
 
California 2
California 2California 2
California 2
 
We Guardians Feb 2014
We Guardians  Feb 2014We Guardians  Feb 2014
We Guardians Feb 2014
 
האמת מאחורי ההסכם
האמת מאחורי ההסכםהאמת מאחורי ההסכם
האמת מאחורי ההסכם
 
Parallel Session 2.1 Capable, Integrated and Fit for the Future
Parallel Session 2.1 Capable, Integrated and Fit for the FutureParallel Session 2.1 Capable, Integrated and Fit for the Future
Parallel Session 2.1 Capable, Integrated and Fit for the Future
 
Miss cox
Miss coxMiss cox
Miss cox
 
Baani Group studio appartment 7428424386
Baani Group studio appartment  7428424386Baani Group studio appartment  7428424386
Baani Group studio appartment 7428424386
 

Similar a Rajan Raj Pant

Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature  (e-Sign) Cloud Network & eCommerce ApplicationControls for Digital Signature  (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce ApplicationMufaddal Nullwala
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometricijtsrd
 
Key Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment SystemsKey Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment SystemsITIO Innovex
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengKnowledge Group
 
Revolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectRevolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectKeet Sugathadasa
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Ivona M
 
NEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal AgenciesNEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal AgenciesInteractiveNEC
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.aviavinashmsy
 
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדעפתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדעZeev Shetach
 
Online Voting System Using Blockchain Technology
Online Voting System Using Blockchain TechnologyOnline Voting System Using Blockchain Technology
Online Voting System Using Blockchain TechnologyIRJET Journal
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airportsRexcy
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airportsChas Yap
 
Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )Heather Vargas
 
Reinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsReinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsNirmal Misra
 
151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1pStéphane Roule
 
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...ijiert bestjournal
 

Similar a Rajan Raj Pant (20)

BRIEFING ON THE UAE NATIONAL ID CARD PROJECT
BRIEFING ON THE UAE NATIONAL ID CARD PROJECTBRIEFING ON THE UAE NATIONAL ID CARD PROJECT
BRIEFING ON THE UAE NATIONAL ID CARD PROJECT
 
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature  (e-Sign) Cloud Network & eCommerce ApplicationControls for Digital Signature  (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometric
 
Key Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment SystemsKey Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment Systems
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
 
Revolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectRevolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connect
 
Identity and Mobility in a Digital World
Identity and Mobility in a Digital WorldIdentity and Mobility in a Digital World
Identity and Mobility in a Digital World
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?
 
NEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal AgenciesNEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal Agencies
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.avi
 
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדעפתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
 
Online Voting System Using Blockchain Technology
Online Voting System Using Blockchain TechnologyOnline Voting System Using Blockchain Technology
Online Voting System Using Blockchain Technology
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airports
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airports
 
Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )
 
Urban e governance
Urban e governanceUrban e governance
Urban e governance
 
Reinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsReinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of Things
 
151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p
 
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
 

Más de eletseditorial

Más de eletseditorial (20)

3 d technology in education :: Podar International School
3 d technology in education :: Podar International School3 d technology in education :: Podar International School
3 d technology in education :: Podar International School
 
Nalini Chandran, Director
Nalini Chandran, Director Nalini Chandran, Director
Nalini Chandran, Director
 
Rachna Swarup
Rachna Swarup Rachna Swarup
Rachna Swarup
 
Murli K S
Murli K S Murli K S
Murli K S
 
Dr Kuldeep Agarwal,
Dr Kuldeep Agarwal, Dr Kuldeep Agarwal,
Dr Kuldeep Agarwal,
 
Mark Parkinson
Mark Parkinson Mark Parkinson
Mark Parkinson
 
Nagraj G Honnekeri
Nagraj G Honnekeri Nagraj G Honnekeri
Nagraj G Honnekeri
 
Shraman Jha
Shraman Jha Shraman Jha
Shraman Jha
 
Dr Melor Md yunus
Dr Melor Md yunus Dr Melor Md yunus
Dr Melor Md yunus
 
Dinesh Kumar
Dinesh Kumar Dinesh Kumar
Dinesh Kumar
 
Veena Raizada
Veena Raizada Veena Raizada
Veena Raizada
 
Amit Gupta
Amit Gupta Amit Gupta
Amit Gupta
 
Dr Anita Priyadarshini
Dr Anita Priyadarshini Dr Anita Priyadarshini
Dr Anita Priyadarshini
 
Dr Anjalee Prakash
Dr Anjalee Prakash Dr Anjalee Prakash
Dr Anjalee Prakash
 
Son Kuswadi
Son Kuswadi Son Kuswadi
Son Kuswadi
 
Mr. Raj Grover
Mr. Raj Grover Mr. Raj Grover
Mr. Raj Grover
 
Mr. Manish Upadhyay
Mr. Manish Upadhyay Mr. Manish Upadhyay
Mr. Manish Upadhyay
 
Dr Thomas Christie
Dr Thomas Christie Dr Thomas Christie
Dr Thomas Christie
 
Prof K R Srivathsan
Prof K R Srivathsan Prof K R Srivathsan
Prof K R Srivathsan
 
World education summit 2011 [inaugural session]
World education summit   2011 [inaugural session]World education summit   2011 [inaugural session]
World education summit 2011 [inaugural session]
 

Último

Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 

Último (20)

Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 

Rajan Raj Pant

  • 1. Comprehensive National Authentication Framework using Digital Certificate and One Time Passwords. Rajan Raj Pant, Controller, Office of Controller of Certification, Ministry of Science & Technology
  • 2. The State of User Authentication: Passwords still dominate, but continue to weaken. The need for strong authentication continues to grow. Increasing number of business processes moving online. Employee mobility expanding – demand for anywhere anytime access to information. Compliance and notification laws proliferate. Phishing attacks have increased dramatically (see www.antiphishing.org).
  • 3. Digital Certificates: A digital certificate is an electronic document that utilizes a method to bind together a public key and an identity. Can be used to verify that a public key belongs to an individual. [Figure: Digital Certificate]
  • 4. One Time Passwords (OTP): Delivered via hardware token, software application on PC or smart device, or over an SMS channel. Can only be used once. [Figure labels: Software Token on PC, Software Token on Mobile Device, OTP On-demand, Hardware Token]
  • 5. Lightweight OTP and Legal validity using Digital Certificates – Mantra of Hybrid Authentication: All Citizen Centric Internet Applications can utilize the single Authentication framework without having to reinvest into citizen registration, thereby saving thousands of dollars in user management. Applications can choose OTP for lightweight authentication, and Digital Certificates where non-repudiation and digital signing may be necessary. Not all applications require digital signatures, but all applications definitely need “strong 2 Factor Authentication”. Citizens would be safe from password-based vulnerabilities and would also not be required to remember multiple authentication schemes across the various public and private enterprises, thereby increasing convenience manifold. With government support, a uniform and strong authentication service would be available for all to access. A major deterrent for technology adoption is the initial cost of procurement and maintenance; this is completely eliminated by the government providing the same as a service to all enterprises and citizens alike. The framework can be easily extended to newer authentication technologies, e.g. Risk Based authentication, Knowledge based authentication, etc. [Diagram labels: OTP Authentication, PKI Authentication & Services, eCommerce Site, Internet Banking Site]
  • 6. Digital Certificate Management Components: Registration Manager Certificate Manager User Validation Client Key Recovery Manager Web Server Card Manager Validation Manager
  • 7. CCA Digital Certificate Management Components
  • 12. Extended validation SSL certificates. Identity validation; Device identification; Non-repudiation support; Confidential communications; Trusted websites
  • 14. Southern Asia, between India and China. ISP = 12; Telecom Operator = 4. Area: 147,181 sq km, Land: 143,351, Water: 3,830 sq km. Population: 29,391,883 (June 2011), country comparison to the world: 41
  • 16. Land of Mt. Everest
  • 22. Vision: “The Value Networking Nepal” through – Citizen-centered service; Transparent Service; Networking Government; Knowledge Based Society
  • 23. Nepal Factsheet: Population: 29,391,883 (June 2011), country comparison to the world: 41. Internet hosts: 43,928 (2010), country comparison to the world: 91. Internet users: 2,426,357 (June 2011), country comparison to the world: 116. Internet penetration: 8.49 %. ETA 2006, IT Policy, Password Practices, IT Security Guidelines (to be passed). Current Penetration of Mobile: 24.35 %
  • 26. IT Trends in Nepal: Present Future E-mail Facebook Skype IRD Online Tax Return PKI E-Passport E-Banking Online Postbox NID DR Center GIDC Mobile Cash Digitization Of Land Map Vehicle Registration GEA
  • 27. Security Layers Threats Applications Security Destruction Corruption Services Security Removal Disclosure Interruption Infrastructure Security Attacks Security Planes Security Dimensions Control Plane Management Plane Technology Architecture- Security Privacy Authentication Non-Repudiation Data Confidentiality Communications Security Data Integrity Availability Access Control Vulnerabilities End User Plane
  • 28. Initiations: ITERT IT Security Guidelines Code of Conduct for IT Government Network
  • 29. Cyber Crime: 21 Cases so far reported Mostly Social Engineering from Facebook Hacking 38 cases up to May 2011
  • 34. Lack of proper co-ordination among IT agencies
  • 35. Lack of proper implementation and monitoring of the existing rules and regulations
  • 36. Not keeping IT in the priority list
  • 38. OCC; Implementation of ETA; License to ICA; Monitor and Supervision of ICAs; Information Security Related works; IT Security Audit; Investigation Agency; Functions