E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions.


1 E-Procurement: Digital Signatures and Role of Certifying Authorities Jagdeep S. Kochar CEO, (n)Code Solutions

2 E-Procurement in India
– Central Government
– State Governments: Andhra, Karnataka, Gujarat
– Public Sector Units
– Some Organizations:
  – NIC for Central Government
  – DGS&D
  – Northern Railway
  – IFFCO
  – GNFC

3 The ‘PAIN’ of Online Transactions
– (P)rivacy / Confidentiality. Threat: Interception. Is my communication private?
– (I)ntegrity. Threat: Modification. Has my communication been altered?
– (A)uthentication. Threat: Fabrication. Who am I dealing with?
– (N)on-repudiation. Threat: Claims "Not Sent" / "Not Received". Who sent/received it and when?

4 Where do Digital Signatures come in?
– Passwords are a weak method of authentication
– Passwords do not ensure integrity
– Passwords can be broken, guessed, leaked, extracted, etc.
– A Digital Signature cannot be duplicated, guessed, broken, etc.
– No legal protection for disputes in case of other authentication methods
– In short: Digital Signatures are an effective remedy against the ‘PAIN’ of e-Transactions

5 Digital Signatures and e-Procurement

6 Where does buyer use PKI?
– Secure Login
– Tender floating
– Corrigendum
– Secure communications with vendors
– Tender opening
– Clarifications and negotiations
– Digitally signed PO/WO
– Digitally Signed Archives

7 Where does Vendor use PKI?
– Secure Login
– Secure storage of content
– Tender submission
– Encryption using buyer’s public key
– Clarifications and negotiations

8 Digital Signing of the Data
[Diagram: Electronic Data → Hash Function → Hash Result → Signing Function (Private key of A) → Digital Signature. Electronic Data + Digital Signature = Signed Data.]
– Only Private Key holder can sign

9 Digital Signature Verification
[Diagram: Signed Data is split into Electronic Data and Digital Signature. Electronic Data → Hash Function → Hash Result. Digital Signature → Verify Function (Public key of A) → Hash Result. The two Hash Results are compared: Valid, Yes / No?]
– Anyone can verify
– So the receiver can compare hashes to verify the signature
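The signing and verification flow from slides 8 and 9, as an added example that is not part of the original presentation. It uses textbook RSA without padding and a constructed toy key built from publicly known Mersenne primes, so it illustrates only the hash, sign and compare steps; all function and variable names are assumptions.

```python
import hashlib

# Constructed toy key pair for "A". The primes are well-known Mersenne primes,
# so this key is NOT secret; it exists only to make the flow runnable.
P, Q = 2**521 - 1, 2**607 - 1
N = P * Q                                # public modulus
E = 65537                                # public exponent ("Public of A")
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent ("Private of A")


def hash_result(data: bytes) -> int:
    """Hash Function: SHA-256 digest of the electronic data, as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Signing Function: apply the private key to the hash result."""
    return pow(hash_result(data), d, n)


def verify(data: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Verify Function: recover the signed hash with the public key and
    compare it with a fresh hash of the received data."""
    if not 0 <= signature < n:
        return False                     # malformed signature value
    return pow(signature, e, n) == hash_result(data)


def demo() -> dict:
    bid = b"Tender 42: vendor X quotes INR 1,00,000"   # constructed sample data
    sig = sign(bid)
    tampered = bid.replace(b"1,00,000", b"9,00,000")   # altered after signing
    # A second constructed key pair standing in for someone other than A.
    n2 = (2**127 - 1) * (2**521 - 1)
    d2 = pow(E, -1, (2**127 - 2) * (2**521 - 2))
    forged = sign(bid, d2, n2)
    return {
        "genuine": verify(bid, sig),          # hashes match
        "tampered": verify(tampered, sig),    # integrity check fails
        "wrong_key": verify(bid, forged),     # not signed with A's private key
    }


if __name__ == "__main__":
    print(demo())
```

Production signatures use a padded scheme such as RSA-PSS or ECDSA from a vetted library, with the private key held in the token or smartcard rather than in program memory.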

10 Digital Signature & the Law
The IT Act 2000 provides:
– Legal and regulatory framework for promotion of e-Commerce and e-Governance
– Legal validity for Electronic transactions / contracts and records
– For appointment of Certifying Authorities to issue Digital Certificates
– The legal framework for electronic filing of documents
– For prevention of computer crime, forgery, falsification of identity in e-Commerce transactions

11 Structure of PKI in India
[Diagram: CCA India / ROOT CA (Ministry of Information Technology) → Licensed Certifying Authorities (three shown) → Subscriber]

12 Components of PKI
– Certification Authorities (CAs) (Issuers)
– Registration Authorities (RAs) (Authorize the binding between Public Key & Certificate Holder)
– Certificate Holders (Subscribers)
– Relying Parties (Validate signatures & certificate paths)
– Repositories (Store & distribute certificates & status: expired, revoked, etc.)
[Diagram labels: Certificate Holder, Registration Authority, Relying Party Application, Web Server, Internet, Repository, Certification Authority]

13 Functions of a Certifying Authority
– Trusted Third Party
– Digital Certificates
  – Registration and Issuance
  – Revocation
  – Maintain
  – Provide Certificate Revocation Lists
  – Provide Support

14 Expectations of a CA
– Education and evangelism
– Support issues: Support vendors on Certificates and application
– 11th hour delivery of Certificates to users
– PKI enablement of application

15 How can a CA add value
– Secure Issuance of Digital Certificates
– RA / LRA obligations to the CA
– Verification of the users/documents
– Provide the highest class / high assurance certificates
– Provide consulting for secure application design

16 How can a CA add value (cont.)
– SSL enabled site
– Secure Application Design:
– Digitally signed content at the client end
– Digitally signed / encrypted content during data transfer
– Data integrity / confidentiality to be taken care of during:
  – changing data by vendor / buyer
  – Transfer of data from client/server
  – Storage of data at the server

17 Types of certificates
– Email Signing certificates
  – (Popularly known as Class I Certificates)
– Document / Component signing certificates without personal verification
  – (Popularly known as Class II Certificates)
– Document / Component signing certificates with personal verification
  – (Popularly known as Class III Certificates)

18 Which certificate should be used?
The IT Act Guidelines for CA quotes:
Class 3 Certificate:
– This certificate will be issued to individuals as well as organizations. As these are high assurance certificates, primarily intended for e-commerce applications, they shall be issued to individuals only on their personal (physical) appearance before the Certifying Authorities.

19 Why Class 3?
– The biggest frauds have been based on documents.
– If the banks had opened DMAT accounts on the basis of personal presence, the recent IPO scam could have been averted.
– A Class 3 certificate asks for physical appearance at the CA offices. This reduces the chances of identity fraud.

20 Why use an e-Token?
Amendment to the IT Act 2000
– G.S.R. 735(E) dated 29th October, 2004
– A secure digital signature shall be deemed to be secure for the purpose of the Act if a cryptographic smartcard / token is used to create the key pair and the key pair remains in the cryptographic token / smartcard.

21 Case Studies
– IFFCO
– Northern Railway
– Govt. of Gujarat
– KSPHC
– How (n)Code helped e-procurement succeed

22 Thank you Jagdeep S Kochar jskochar@ncodesolutions.com

