Presentation is loading. Please wait.

Presentation is loading. Please wait.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

Published byChrystal McCormick Modified over 9 years ago

Similar presentations

Presentation on theme: "ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry."— Presentation transcript:

1 eSign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry of Communications and Information Technology

2 The Information Technology (IT) Act 2000 The IT Act, 2000 provides legal sanctity to Digital signatures Digital signatures are accepted at par with handwritten signatures. Electronic documents that have been digitally signed are treated at par with paper documents signed in the traditional way. The IT Act provides the basic legal and administrative framework for e-commerce, and promotes its growth by creating trust in electronic environment.

3 Controller of Certifying Authorities The IT Act provides for the Controller of Certifying Authorities (CCA) to license and regulate the working of Certifying Authorities Certifying Authorities (CAs) issue Digital Signature Certificates(DSC) for authentication of users in cyberspace. Prior to issuing a DSC, the Certifying Authority (CA) is required to verify the credentials of the applicant as stated in the Application Form and in supporting documents that are attached.

4 Public Key Infrastructure (PKI) The Public Key Infrastructure (PKI) in the country comprises the CCA and the CAs, Users and Relying Parties, and policies and procedures The CCA is at the root of the trust chain hierarchy in India. As the foundation for secure Internet applications, it ensures authentic communications that cannot be repudiated.

5 Public Key Infrastructure

6 Issuance of DSC

7 Challenges in scaling up usage of Digital Signatures Personal digital signature requires person’s identity verification and issuance of USB dongle having private key, secured with a password/pin. Current scheme of physical verification, document based identity validation, and issuance of physical dongles does not scale to a billion people. The major cost of the DSC is found to be the verification cost. Certifying Authorities engage Registration Authorities to carry out the verification of verification of credentials prior to issuance of certificate. Physical USB Dongle compliant to mandated standards also adds to the cost. Relying on the DSC applicant's information already available on the public database is an alternate to Manual verification. UIDAI provides one such alternative.

8 Credential Verification Verification of the Proof of Identity (PoI) and Proof of Address (PoA) is a pre-requisite for issuance of Digital Signature Certificates by Certifying Authorities. As part of the e-KYC process of Aadhaar, the resident authorizes UIDAI (through Aadhaar authentication using either biometric or OTP to provide their demographic data along with their photograph (digitally signed and encrypted) to service providers.

9 eSign eSign facilitates digitally signing a document by an Aadhaar holder using an Online Service. Digital Signature is created using authentication of consumer through Aadhaar eKYC service. eSign is an integrated service that facilitates issuing a Digital Signature Certificate and performing Signing of requested data by authenticating Aadhaar holder. Aadhaar id is mandatory for availing eSign Service. Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015 has been notified to provide the legal framework

10 eSign Overview

11 eSign - Benefits  Save cost and time  Aadhaar e-KYC based authentication  improve user convenience  Mandatory Aadhaar ID  Easy to apply Digital Signature  Biometric or OTP (optionally with PIN) based authentication  Verifiable Signatures and Signatory  Flexible and fast integration with application  Legally recognized  Suitable for individual, business and Government  Managed by Licensed CAs  API subscription Model  Privacy concerns addressed  Integrity with a complete audit trail  Simple Signature verification  Immediate destruction of keys after usage  Short validity certificates  No key storage and key protection concerns.

12 Stakeholders Interaction

Download ppt "ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry."

Similar presentations

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.

HCQ P MEDICARES HEALTH CARE QUALITY IMPROVEMENT PROGRAM QualityNet Exchange Dennis Stricker Director, Information Systems Group Office of Clinical Standards.
Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
© 1998-2003 ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.

© ITU Telecommunication Development Bureau (BDT) – E-Strategy Unit.. Page - 1 Seminar on Standardization and ICT Development for the Information.
Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.

Digital Signatures in State of Tennessee Pam Roberts Finance & Administration Office for Information Resources Planning, Research & Development.
Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.

Experiences with Massive PKI Deployment and Usage Daniel Kouřil, Michal Procházka Masaryk University & CESNET Security and Protection of Information 2009.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Installation & User Guide

Installation & User Guide
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
Digital Certificate Installation & User Guide For Class-2 Certificates.

Digital Certificate Installation & User Guide For Class-2 Certificates.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Electronic Filing Case Study NSW Land and Environment Court.

Electronic Filing Case Study NSW Land and Environment Court.
FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.

FIPS 201 Personal Identity Verification For Federal Employees and Contractors National Institute of Standards and Technology Information Technology Laboratory.
1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation 23-25 May 2012, Kish Island, I.R.IRAN.

1st Expert Group Meeting (EGM) on Electronic Trade-ECO Cooperation on Trade Facilitation May 2012, Kish Island, I.R.IRAN.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.

Opening Presentation of Notary Reqs 8/5/2004 Tobias Gondrom.
Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.

Information security An introduction to Technology and law with focus on e-signature, encryption and third party service Yue Liu Feb.2008.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Elitex ’08 : Securing Indian Cyber Space Interoperability and Standardisation issues for India PKI Sivarama Krishnan Executive Director PricewaterhouseCoopers.

Elitex ’08 : Securing Indian Cyber Space Interoperability and Standardisation issues for India PKI Sivarama Krishnan Executive Director PricewaterhouseCoopers.

Similar presentations

Ads by Google