Comprehensive National Authentication Framework using Digital Certificate and One Time Passwords
Rajan Raj Pant, Controller, Office of Controller of Certification, Ministry of Science & Technology
The State of User Authentication
• Passwords still dominate, but continue to weaken
• The need for strong authentication continues to grow
• Increasing number of business processes moving online
• Employee mobility expanding – demand for anywhere anytime access to information
• Compliance and notification laws proliferate
• Phishing attacks have increased dramatically (see www.antiphishing.org)
Digital Certificates
• Digital certificates: an electronic document that utilizes a method to bind together:
  • A public key
  • An identity
• Can be used to verify that a public key belongs to an individual
[Figure: Digital Certificate]
One Time Passwords (OTP)
• Delivered:
  • Via hardware token
  • Software application on PC or smart device
  • Over an SMS channel
• Can only be used once
[Figure labels: Software Token on PC; Software Token on Mobile Device; OTP On-demand; Hardware Token]
Lightweight OTP and Legal validity using Digital Certificates – Mantra of Hybrid Authentication
• All Citizen Centric Internet Applications can utilize the single Authentication framework without having to reinvest into citizen registration, thereby saving thousands of dollars in user management
• Applications can choose OTP for lightweight authentication and Digital Certificates where non-repudiation and digital signing may be necessary. Not all applications require digital signatures, but all applications definitely need “strong 2 Factor Authentication”
• Citizens would be safe from password based vulnerabilities and would also not be required to remember multiple authentication schemes across the various public and private enterprises, thereby increasing convenience manifold
• With government support a uniform and strong authentication service would be available for all to access – a major deterrent for technology adoption is the initial cost of procurement and maintenance – this is completely eliminated by the government providing the same as a service to all enterprises and citizens alike
• The framework can be easily extended to newer authentication technologies, e.g. Risk Based authentication, Knowledge based authentication etc.
[Figure labels: OTP Authentication; PKI Authentication & Services; eCommerce Site; Internet Banking Site]
Digital Certificate Management Components
[Figure labels: Registration Manager; Certificate Manager; User Validation Client; Key Recovery Manager; Web Server; Card Manager; Validation Manager]
CCA Digital Certificate Management Components
Digital Certificate Solutions: Providing Secure Business Transactions
• Device authentication
• Digital Signing
• E-mail encryption
• Extended validation SSL certificates
• Identity validation
• Device identification
• Non-repudiation support
• Confidential communications
• Trusted websites
NEPAL and ICT
Southern Asia, between India and China
• ISP = 12
• Telecom Operator = 4
• Area: 147,181 sq km, Land: 143,351, Water: 3,830 sq km
• Population: 29,391,883 (June 2011); country comparison to the world: 41
Land of Yeti
Land of Mt. Everest
Land of Buddha
Vision
“The Value Networking Nepal” through –
• Citizen-centered service
• Transparent Service
• Networking Government
• Knowledge Based Society
Nepal Factsheet
• Population: 29,391,883 (June 2011); country comparison to the world: 41
• Internet hosts: 43,928 (2010); country comparison to the world: 91
• Internet users: 2,426,357 (June 2011); country comparison to the world: 116
• Internet penetration: 8.49 %
• ETA 2006, IT Policy, Password Practices, IT Security Guidelines (to be passed)
• Current Penetration of Mobile: 24.35 %
Rural Network
IT Trends in Nepal
[Figure labels, Present to Future: E-mail Facebook Skype IRD Online Tax Return PKI E-Passport E-Banking Online Postbox NID DR Center GIDC Mobile Cash Digitization Of Land Map Vehicle Registration GEA]
Technology Architecture - Security
[Figure labels] Security Layers: Applications Security, Services Security, Infrastructure Security. Security Planes: Control Plane, Management Plane, End User Plane. Security Dimensions: Privacy, Authentication, Non-Repudiation, Data Confidentiality, Communications Security, Data Integrity, Availability, Access Control. Threats: Destruction, Corruption, Removal, Disclosure, Interruption. Also labelled: Vulnerabilities, Attacks.
Initiations: ITERT IT Security Guidelines Code of Conduct for IT Government Network
Cyber Crime: 21 Cases so far reported Mostly Social Engineering from Facebook Hacking 38 cases up to May 2011

Mais conteúdo relacionado

Mais procurados

Future of Public Key Infrastructure
Future of Public Key InfrastructureFuture of Public Key Infrastructure
Future of Public Key InfrastructureChin Wan Lim
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics PosterFaisal Razzak
 
electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engFrank Mercado
 
Digital authentication
Digital authenticationDigital authentication
Digital authenticationallanh0526
 
Chapter 06 Information Technology Act 2000
Chapter 06   Information Technology Act 2000Chapter 06   Information Technology Act 2000
Chapter 06 Information Technology Act 2000Robin Kapoor
 
Certifying authorities rules 2000
Certifying authorities rules 2000Certifying authorities rules 2000
Certifying authorities rules 2000Leo Lukose
 
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System IJECEIAES
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...PiyushHipparkar
 
Secur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm ShowSecur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm Showfmitchell
 
Electronic signature
Electronic signatureElectronic signature
Electronic signatureMelwin Mathew
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGBjorn Hjelm
 
Information technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatespptInformation technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatespptDiya Mirza
 
Mobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use CaseMobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use CasemotionQR
 
south asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjayasouth asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjayadaniduy
 
Combating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on MobileCombating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on MobileWultra
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile ConnectUbisecure
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGBjorn Hjelm
 

Mais procurados (20)

Future of Public Key Infrastructure
Future of Public Key InfrastructureFuture of Public Key Infrastructure
Future of Public Key Infrastructure
 
Web of Domotics Poster
Web of Domotics PosterWeb of Domotics Poster
Web of Domotics Poster
 
electronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_engelectronic_payment_system_in_korea_eng
electronic_payment_system_in_korea_eng
 
Digital authentication
Digital authenticationDigital authentication
Digital authentication
 
Chapter 06 Information Technology Act 2000
Chapter 06   Information Technology Act 2000Chapter 06   Information Technology Act 2000
Chapter 06 Information Technology Act 2000
 
Certifying authorities rules 2000
Certifying authorities rules 2000Certifying authorities rules 2000
Certifying authorities rules 2000
 
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
The Fact-Finding Security Examination in NFC-enabled Mobile Payment System
 
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
Public Key Infrastructure (PKI) Market 2021 - Regional Outlook and Competitiv...
 
The State of FIDO
The State of FIDOThe State of FIDO
The State of FIDO
 
Secur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm ShowSecur Digital Presentation 22jul10 Frm Show
Secur Digital Presentation 22jul10 Frm Show
 
S K Sinha
S K SinhaS K Sinha
S K Sinha
 
Electronic signature
Electronic signatureElectronic signature
Electronic signature
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WG
 
Information technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatespptInformation technology-act 2000- an overview-sethassociatesppt
Information technology-act 2000- an overview-sethassociatesppt
 
Mobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use CaseMobilized Secure Login - motionQR Use Case
Mobilized Secure Login - motionQR Use Case
 
south asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjayasouth asian mobile conference 2011 -sanjaya
south asian mobile conference 2011 -sanjaya
 
Combating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on MobileCombating Financial Fraud and Cyber-Crime on Mobile
Combating Financial Fraud and Cyber-Crime on Mobile
 
Introduction to Mobile Connect
Introduction to Mobile ConnectIntroduction to Mobile Connect
Introduction to Mobile Connect
 
OpenID Foundation MODRNA WG
OpenID Foundation MODRNA WGOpenID Foundation MODRNA WG
OpenID Foundation MODRNA WG
 
Null pune 1st March-news bytes
Null pune 1st March-news bytesNull pune 1st March-news bytes
Null pune 1st March-news bytes
 

Destaque

Destaque (20)

Gramm
GrammGramm
Gramm
 
We Guardian April' 2015
We Guardian April' 2015We Guardian April' 2015
We Guardian April' 2015
 
634062fall11copyrtcarmonaversion3
634062fall11copyrtcarmonaversion3634062fall11copyrtcarmonaversion3
634062fall11copyrtcarmonaversion3
 
Prueba prezi
Prueba preziPrueba prezi
Prueba prezi
 
Jasmne thompson
Jasmne thompsonJasmne thompson
Jasmne thompson
 
My project about plants
My  project  about  plantsMy  project  about  plants
My project about plants
 
9.4 notes
9.4 notes9.4 notes
9.4 notes
 
Digital Music Production Preview
Digital Music Production PreviewDigital Music Production Preview
Digital Music Production Preview
 
Fostering Global Citizenship in the English Class
Fostering Global Citizenship in the English ClassFostering Global Citizenship in the English Class
Fostering Global Citizenship in the English Class
 
6.9 notes
6.9 notes6.9 notes
6.9 notes
 
We guardians April''13
We guardians  April''13We guardians  April''13
We guardians April''13
 
7.5 notes
7.5 notes7.5 notes
7.5 notes
 
Raspberries
RaspberriesRaspberries
Raspberries
 
Tele-homeopathy Mind Technologies- eINDIA2011
Tele-homeopathy Mind Technologies- eINDIA2011Tele-homeopathy Mind Technologies- eINDIA2011
Tele-homeopathy Mind Technologies- eINDIA2011
 
California 2
California 2California 2
California 2
 
We Guardians Feb 2014
We Guardians  Feb 2014We Guardians  Feb 2014
We Guardians Feb 2014
 
האמת מאחורי ההסכם
האמת מאחורי ההסכםהאמת מאחורי ההסכם
האמת מאחורי ההסכם
 
Parallel Session 2.1 Capable, Integrated and Fit for the Future
Parallel Session 2.1 Capable, Integrated and Fit for the FutureParallel Session 2.1 Capable, Integrated and Fit for the Future
Parallel Session 2.1 Capable, Integrated and Fit for the Future
 
Miss cox
Miss coxMiss cox
Miss cox
 
Baani Group studio appartment 7428424386
Baani Group studio appartment  7428424386Baani Group studio appartment  7428424386
Baani Group studio appartment 7428424386
 

Semelhante a Rajan Raj Pant

Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature  (e-Sign) Cloud Network & eCommerce ApplicationControls for Digital Signature  (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce ApplicationMufaddal Nullwala
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometricijtsrd
 
Key Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment SystemsKey Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment SystemsITIO Innovex
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengKnowledge Group
 
Revolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectRevolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectKeet Sugathadasa
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Ivona M
 
NEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal AgenciesNEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal AgenciesInteractiveNEC
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...Entrust Datacard
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.aviavinashmsy
 
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדעפתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדעZeev Shetach
 
Online Voting System Using Blockchain Technology
Online Voting System Using Blockchain TechnologyOnline Voting System Using Blockchain Technology
Online Voting System Using Blockchain TechnologyIRJET Journal
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airportsRexcy
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airportsChas Yap
 
Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )Heather Vargas
 
Reinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsReinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsNirmal Misra
 
151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1pStéphane Roule
 
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...ijiert bestjournal
 

Semelhante a Rajan Raj Pant (20)

BRIEFING ON THE UAE NATIONAL ID CARD PROJECT
BRIEFING ON THE UAE NATIONAL ID CARD PROJECTBRIEFING ON THE UAE NATIONAL ID CARD PROJECT
BRIEFING ON THE UAE NATIONAL ID CARD PROJECT
 
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature  (e-Sign) Cloud Network & eCommerce ApplicationControls for Digital Signature  (e-Sign) Cloud Network & eCommerce Application
Controls for Digital Signature (e-Sign) Cloud Network & eCommerce Application
 
Pay-Cloak:Biometric
Pay-Cloak:BiometricPay-Cloak:Biometric
Pay-Cloak:Biometric
 
Key Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment SystemsKey Security Measures Behind Digital Payment Systems
Key Security Measures Behind Digital Payment Systems
 
Managing & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee SengManaging & Securing the Online and Mobile banking - Chew Chee Seng
Managing & Securing the Online and Mobile banking - Chew Chee Seng
 
Revolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectRevolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connect
 
Identity and Mobility in a Digital World
Identity and Mobility in a Digital WorldIdentity and Mobility in a Digital World
Identity and Mobility in a Digital World
 
Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?Security & Seamless CX in User Authentication: How to Achieve Both?
Security & Seamless CX in User Authentication: How to Achieve Both?
 
NEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal AgenciesNEC's Digital Identity Platform for Federal Agencies
NEC's Digital Identity Platform for Federal Agencies
 
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
IDENTITY PLATFORMS: How central, flexible, deployment of multiple authenticat...
 
Information technology act 2000.avi
Information technology act 2000.aviInformation technology act 2000.avi
Information technology act 2000.avi
 
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדעפתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
פתרונות ביומטריים - רשיונות נהיגה ביומטריים | קומדע
 
Online Voting System Using Blockchain Technology
Online Voting System Using Blockchain TechnologyOnline Voting System Using Blockchain Technology
Online Voting System Using Blockchain Technology
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airports
 
General discussion paper for airports
General discussion paper for airportsGeneral discussion paper for airports
General discussion paper for airports
 
Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )Mobile Ad Hoc Networks ( Manets )
Mobile Ad Hoc Networks ( Manets )
 
Urban e governance
Urban e governanceUrban e governance
Urban e governance
 
Reinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of ThingsReinventing Cybersecurity in the Internet of Things
Reinventing Cybersecurity in the Internet of Things
 
151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p151022_oml_reinventing_cybersecurity_IoT_v1p
151022_oml_reinventing_cybersecurity_IoT_v1p
 
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
A MOBILE BASED ANTI-PHISHING AUTHENTICATION SCHEME USING CHALLENGE-RESPONSE A...
 

Mais de eletseditorial

Mais de eletseditorial (20)

3 d technology in education :: Podar International School
3 d technology in education :: Podar International School3 d technology in education :: Podar International School
3 d technology in education :: Podar International School
 
Nalini Chandran, Director
Nalini Chandran, Director Nalini Chandran, Director
Nalini Chandran, Director
 
Rachna Swarup
Rachna Swarup Rachna Swarup
Rachna Swarup
 
Murli K S
Murli K S Murli K S
Murli K S
 
Dr Kuldeep Agarwal,
Dr Kuldeep Agarwal, Dr Kuldeep Agarwal,
Dr Kuldeep Agarwal,
 
Mark Parkinson
Mark Parkinson Mark Parkinson
Mark Parkinson
 
Nagraj G Honnekeri
Nagraj G Honnekeri Nagraj G Honnekeri
Nagraj G Honnekeri
 
Shraman Jha
Shraman Jha Shraman Jha
Shraman Jha
 
Dr Melor Md yunus
Dr Melor Md yunus Dr Melor Md yunus
Dr Melor Md yunus
 
Dinesh Kumar
Dinesh Kumar Dinesh Kumar
Dinesh Kumar
 
Veena Raizada
Veena Raizada Veena Raizada
Veena Raizada
 
Amit Gupta
Amit Gupta Amit Gupta
Amit Gupta
 
Dr Anita Priyadarshini
Dr Anita Priyadarshini Dr Anita Priyadarshini
Dr Anita Priyadarshini
 
Dr Anjalee Prakash
Dr Anjalee Prakash Dr Anjalee Prakash
Dr Anjalee Prakash
 
Son Kuswadi
Son Kuswadi Son Kuswadi
Son Kuswadi
 
Mr. Raj Grover
Mr. Raj Grover Mr. Raj Grover
Mr. Raj Grover
 
Mr. Manish Upadhyay
Mr. Manish Upadhyay Mr. Manish Upadhyay
Mr. Manish Upadhyay
 
Dr Thomas Christie
Dr Thomas Christie Dr Thomas Christie
Dr Thomas Christie
 
Prof K R Srivathsan
Prof K R Srivathsan Prof K R Srivathsan
Prof K R Srivathsan
 
World education summit 2011 [inaugural session]
World education summit   2011 [inaugural session]World education summit   2011 [inaugural session]
World education summit 2011 [inaugural session]
 

Último

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 

Rajan Raj Pant

  • 1. Comprehensive National Authentication Framework using Digital Certificate and One Time Passwords. Rajan Raj Pant, Controller, Office of Controller of Certification, Ministry of Science & Technology
  • 2. The State of User Authentication: Passwords still dominate, but continue to weaken. The need for strong authentication continues to grow. Increasing number of business processes moving online. Employee mobility expanding – demand for anywhere anytime access to information. Compliance and notification laws proliferate. Phishing attacks have increased dramatically (see www.antiphishing.org).
  • 3. Digital Certificates: An electronic document that utilizes a method to bind together a public key and an identity. Can be used to verify that a public key belongs to an individual.
  • 4. One Time Passwords (OTP): Delivered via hardware token, software application on PC or smart device, or over an SMS channel. Can only be used once. (Pictured: Hardware Token, Software Token on PC, Software Token on Mobile Device, OTP On-demand.)
  • 5. Lightweight OTP and Legal validity using Digital Certificates – Mantra of Hybrid Authentication. All Citizen Centric Internet Applications can utilize the single Authentication framework without having to reinvest in citizen registration, thereby saving thousands of dollars in user management. Applications can choose OTP for lightweight authentication, and Digital Certificates where non-repudiation and digital signing may be necessary. Not all applications require digital signatures, but all applications definitely need “strong 2 Factor Authentication”. Citizens would be safe from password based vulnerabilities and would also not be required to remember multiple authentication schemes across the various public and private enterprises, thereby increasing convenience manifold. With government support a uniform and strong authentication service would be available for all to access – a major deterrent for technology adoption is the initial cost of procurement and maintenance – this is completely eliminated by the government providing the same as a service to all enterprises and citizens alike. The framework can be easily extended to newer authentication technologies, e.g. Risk Based authentication, Knowledge based authentication etc. (Diagram labels: OTP Authentication, PKI Authentication & Services, eCommerce Site, Internet Banking Site.)
  • 6. Digital Certificate Management Components: Registration Manager; Certificate Manager; User Validation Client; Key Recovery Manager; Web Server; Card Manager; Validation Manager
  • 7. CCA Digital Certificate Management Components
  • 12. Extended validation SSL certificates; Identity validation; Device identification; Non-repudiation support; Confidential communications; Trusted websites
  • 14. Southern Asia, between India and China. ISP = 12. Telecom Operator = 4. Area: 147,181 sq km, Land: 143,351, Water: 3,830 sq km. Population: 29,391,883 (June 2011), country comparison to the world: 41.
  • 16. Land of Mt. Everest
  • 22. Vision: “The Value Networking Nepal” through – Citizen-centered service; Transparent Service; Networking Government; Knowledge Based Society
  • 23. Nepal Factsheet. Population: 29,391,883 (June 2011), country comparison to the world: 41. Internet hosts: 43,928 (2010), country comparison to the world: 91. Internet users: 2,426,357 (June 2011), country comparison to the world: 116. Internet penetration: 8.49 %. ETA 2006, IT Policy, Password Practices, IT Security Guidelines (to be passed). Current Penetration of Mobile: 24.35 %.
  • 26. IT Trends in Nepal: Present Future E-mail Facebook Skype IRD Online Tax Return PKI E-Passport E-Banking Online Postbox NID DR Center GIDC Mobile Cash Digitization Of Land Map Vehicle Registration GEA
  • 27. Technology Architecture – Security (diagram). Security Layers: Applications Security, Services Security, Infrastructure Security. Security Planes: End User Plane, Control Plane, Management Plane. Security Dimensions: Access Control, Authentication, Non-Repudiation, Data Confidentiality, Communications Security, Data Integrity, Availability, Privacy. Threats: Destruction, Corruption, Removal, Disclosure, Interruption. Also labelled: Vulnerabilities, Attacks.
  • 28. Initiations: ITERT IT Security Guidelines Code of Conduct for IT Government Network
  • 29. Cyber Crime: 21 Cases so far reported Mostly Social Engineering from Facebook Hacking 38 cases up to May 2011
  • 34. Lack of proper co-ordination among IT agencies
  • 35. Lack of proper implementation and monitoring of the existing rules and regulations
  • 36. Not keeping IT in the priority list
  • 38. OCC: Implementation of ETA; License to ICA; Monitor and Supervision of ICAs; Information Security Related works; IT Security Audit; Investigation Agency Functions