A National e-authentication Service

Size: px

Start display at page:

Download "A National e-authentication Service"

Brook Barker
6 years ago
Views:

1 e-pramaan A National e-authentication Service

2 State of Art Disparate methods of authentication across e-gov Services Unsecured communication channel for credential exchange in multiple cases Non-availability of standard for e-authentication for public services Need for multi-factor authentication Increase in online services leads to multiple login credentials Possibility of phishing attacks 2

3 e-pramaan e-pramaan is envisaged by Ministry of Electronics and Information Technology (MeitY) to provide a uniform standard based secured authentication mechanisms for all government departments. e-pramaan offers - secure authentication with four levels (password, OTP, Digital Certificate, Biometrics) of assurances ; credentials of users using different e-governance services; SAML 2.0 (Security Assertion Markup Language) based SSO (Single- Sign On) implementation; and much more. 3

4 e-pramaan e-pramaan Services User Login 4

5 e-pramaan Password Basic authentication with username and password; Image password also available One Time Password , Mobile or Mobile app based OTP Digital Certificate Authentication via hardware or software token Biometric Aadhaar based finger print / iris authentication 5

6 Features Standard based multifactor strong e-authentication development Java, PHP, Dotnet Support Single Sign On (SSO) SAML 2.0 feature across all integrated services Flexible Authentication Chaining for Services Secure communication channel Seamless upgrade to new technologies Two way authentication skoch order of merit Role based First Level of Authorization Support for Aadhaar based Authentication 7

7 7

8 User Registration Options Without Id Proof UIDAI CBDT ECI ---> A ---> PASSPORT Driving Licence 8

9 Integration as multiple services Department / SP Service I e-pramaan Authentication Framework Service ID: Auth Level: Pwd + OTP Service II Service ID: Auth Level: OTP + DSC Service n Service ID: 1000x Auth Level: BIO + OTP e-pramaan Connector, Connector might be Java/.Net/PHP depending on services 12

10 Single portal with multiple services e-pramaan Authentication Framework Connector Department / SP Service I Service ID: Auth Level: Pwd + OTP Service II Service ID: Auth Level: OTP + DSC Service n Service ID: 1000x Auth Level: BIO + OTP One time integration effort across multiple services Independent authentication options for each services Can be used where single connector (Java / PHP/.Net) is used for multiple services. 13

11 Integration Process Service Portal Username Password User Login Login through e-pramaan User Login Service Portal e-pramaan Portal Service Portal SSO Request creation Authentication SSO token & User Logged IN User Log out Service Portal SLO Request creation e-pramaan Portal Session clear Service Portal Session clear & Successful Logout 11

12 Current User ID Mapping Options Departments can mandate if they want users with only valid Aadhaar (a particular ID proof) Three levels of mapping of users is supported: 1. Aadhaar based 2. Service User ID based 3. e-pramaan ID based The services can select any of these for mappingtheir users depending upon the requirements of the service. Support for Role based user mapping A 12

13 Integration Setups Integration & Testing Service e-pramaan Staging server On Successful Completion Integration Service e-pramaan Production server 13

14 C-DAC ASA / AUA Aadhaar Ecosystem e-pramaan Service C-DAC AUA ASA UIDAI Data Centre Government Departments/ Private Organizations Authentication Service (demographic, biometric) Best Finger Detection (BFD) One Time Password (OTP) Aadhaar Mobile Update e-kyc Service 14

15 C-DAC ASA / AUA Activities ASA-AUA /e-kyc Setup up and running in production ASA Migration from TLS 1.0 to TLS 1.2 Mobile Update Application Connectivity to SDC Bangalore Established ASA-AUA Activities Connectivity to Manesar DC 33Departments integrated with more than 1 Cr transactionsso far Client Portal 15

16 New Features Mobile App of e-pramaan Image Password Automation URLs filling during SP registration In Progress- IRIS based authentication Integration with Driving Licence Authority for ID 16

17 Statistics Department e-pramaan Transactions 49 e-pramaan 3,872 ASA-AUA 33 ASA-AUA 1,31,52,192 17

18 Thank You! 18

e-sign and TimeStamping

e-sign and TimeStamping Dr. Balaji Rajendran Centre for Development of Advanced Computing (C-DAC) Bangalore Under the Aegis of Controller of Certifying Authorities (CCA) Government of India 1 Recent Developments: