Govt. Citizen ID with Java Card™ Platform
Emphasis on the role and relevance of Java Card and
Sun Identity Management Technologies




  Ramesh Nagappan
  Security Technologist, ISV-E
  ramesh.nagappan@sun.com
  http://www.coresecuritypatterns.com/blogs
Undisputed Market Leader in
Multi-Application Smart Cards



[Figure: smart card segments labelled Loyalty, Corporate, Finance, Telecom and Government/Healthcare, with a sample identification card for the Armed Forces of the United States (U.S. Navy, DoD Civilian) showing photograph, organization seal, name, chip, issue date and expiration date]

Slide 2 © Sun Microsystems 2009
Introduction to Java Card Technology
Security and Portability with Reliability as Core Value Proposition
• A Programmable Runtime engine for Smart cards
       > Open & Standards-based
       > Built for multi-application
       > Proven security (Enabling on-card PKI/Biometrics credentials based
         Physical/Logical Access Control)
• A future-proof platform for Smart card based services
       > Dynamic application loading
       > Test-suite enforced interoperability
       > Cryptography and Biometrics support
• A reference technology for Smart card issuers
       > Market leader in Security for Government and Citizen ID
       > Market leader in reliability for wireless, banking, ID
       > Choice of multi-sourcing – Obtain cards from multiple vendors
                                        Slide 3               © Sun Microsystems 2007
Java Card Adoption

• 6 Billion Java Card Units deployed
   > Variety of form factors: SIM Cards, Secure Flash Memory, Passports, USB Tokens, Smart Cards, Contactless

• Leader in market segments
   > Telecom (de facto for SIM cards!)
   > Banking (Payment card)
   > ID (Citizen/Govt/Defence/Intelligence)
   > PayTV (Cable/Dish Subscriber card)
   > Transport, Healthcare...
Java Card vs MULTOS




Java Card as Cryptographic Token
PKI enabled Smart cards
• A credit card sized computing device acts as a cryptographic token.
    > Contact / Contactless cards
• Allows performing core PKI functions
    > Key generation
    > Public/Private key operations
    > PIN/Biometric authentication
    > Challenge/response authentication
• Supports the use of Public-key infrastructure to verify the Identity claim.
    > PKI credential issuance.
    > Credential validation/verification via OCSP, CRLs
• Defends against tampering and hacking.
    > PKI/Private key protection

Standards
• ISO-7816
• Java Card, Multos
• Global Platform
• PC/SC
• FIPS-201/PIV, CAC
• PKCS#11, PKCS#15
• GSM/PCS
• EMV (Europay/Mastercard/Visa)

Using Smart card based PKI as an Authentication Credential
Java Card as Biometric Token
Java Card based Biometric Identity
• Matching to Physiological or Behavioral characteristics to identify a person.
    > High degree of assurance with proof of presence + proof of possession
    > Fingerprints, Facial image/geometry, Iris images can be stored on card.
    > Match on-card samples to live human samples.
• Biometric templates can be stored on Smart card for personal identification.
    > Fingerprint template is ~200 bytes
    > Iris template is 500 bytes
• Biometric credential must be exchanged in a secure network channel (Trusted path)

Standards
• INCITS 378 / CBEFF (Fingerprints)
• INCITS 379 (Iris)
• OASIS BIAS
• BioAPI
• JavaCard BioAPI
• FIPS-201 / PIV

Using Smart card based Biometrics as an Authentication Credential
Managing Govt ID Issuance Life-cycle
Identity Management life-cycle events

[Figure: identity life-cycle diagram with the stages Identity Registration, Identity Enrollment & Adjudication, Card/Credential Issuance, Physical & Logical Access Control, Credential Maintenance and Identity Termination]
Managing Govt ID Issuance Lifecycle
Smartcard issuance life-cycle using Sun Identity Management Suite

[Figure: Sun IDMS at the center, connected to Demographic Data, Biometrics, PKI, Identity Proofing, Verified Credentials (Smartcard / Biometrics), Logical Access Control and Physical Access Control]
Sun IDM Authorization Workflow
[Figure: workflow diagram with the stages Applicant Registration; Biometrics / Breeder Documents Enrollment; Identity Proofing & Adjudication; Card Issuance & Activation; Physical & Logical Access Provisioning; Credential Maintenance; Retirement / Termination. Approval/Denial steps are shown for the Hiring Manager, Enrollment Officer, HR Officer and HR Manager.]

• Sun IDM manages the authorization workflow, including approvals and denials by the responsible authorities.
• Sun IDM facilitates digitally signed approvals using Smart card based credentials verified against a PKI provider.
Smart card based Credentials -
Logical Access Control




Sun Rays In a Govt eID Environment


• Security
• Manageability
• Reliability
• Mobility
• Value

Sun Ray supports the use of most eID and CAC/PIV Cards
Logical Deployment of Sun Rays
Smartcard based authentication – Virtual/Remote Desktop/Application
environment
PC & Thin Client users can securely access their remote desktops & applications from any location using PIV Cards. Once PIV authenticated, the access tier establishes a display connection to the user device and a protocol connection to the back-end desktop OS and applications.

Access layer controls the user access and application profiles. It maintains audit logs of user and app usage. It provides the display engine to the user desktop.

The access tier supports standard Authentication mechanisms:
• LDAPv3
• Active Directory
• NIS
• MS Windows Domain

Each user desktop environment runs on a virtual machine located in the corporate data center. All desktop and application communication remains in the data center.

Native protocols are used to access apps. No modification of the OS or apps required.

[Figure: deployment diagram. Sun Rays with PIV Credential Authentication connect through a firewall to the Sun Access Tier (secure remote access from any location), then through a second firewall to the Data Center: Identity/Auth. (combine existing authentication and authorization mechanisms using Sun IDMS), ESX Virtualization (Windows XP / 2003 Desktop Virtualization using Sun Rays and Sun VDI) and Applications.]
Sun CMT Servers: Wire-speed Security
UltraSPARC T2 offers On-chip Cryptographic Acceleration for PKI Applications

                • Sun UltraSPARC T2 offers industry-leading cryptography performance for PIV environments.
                   > On-chip crypto threads virtually eliminate large workloads with PKI & Cryptography.
                   > Out-performs competition on SSL and Public-key crypto operations
                       > Over 30x greater RSA1024 performance than 2-socket IBM p510

                • Supports commonly used ciphers for Public-key encryption and secure hashing functions
                   > Public-key cryptography (RSA, DSA, Diffie-Hellman, ECC)
                   > Bulk encryption (RC4, DES, 3DES, AES)
                   > Secure hash (MD5, SHA-1, SHA-256)
Mandatory Access Control and
Security Labels (Solaris TX)




U.S. Department of Defense

[Figure: sample identification card for the Armed Forces of the United States (U.S. Navy, DoD Civilian) showing photograph, organization seal, name, chip, issue date and expiration date]

• Military ID and Geneva Convention Card
       > Common credentials for verified identity
       > DoD-wide health benefits ID card
       > Physical access and manifesting
       > Logical access with PKI/digital signature
• Well established security certification platform with numerous cards with FIPS-140 ratings
       > High-degree of Security and Assurance
• Supports additional military branch-specific applications at issuance and post-issuance
• Flexible to support original CAC format, CAC transitional format and PIV format (evolution of requirements)
• Deployment: +3M active duty units. Over 12M units to date. Issuing +30K units a day at peak war periods
US Federal Employee PIV Card
• Presidential Directive 12 (HSPD-12) mandated a
  Federal Government-wide smart card ID program.
      > Use of combined PKI and Biometric credentials
• Dual interfaces for both Physical and Logical access
      > Secure Contact/Contactless access to target resources
• To date, all deployed PIV cards are Java Cards
      > Conformance to Java Card 2.2.1
• By 2013 over 12 million PIV cards will have been issued
• The PIV model is being replicated in the US Federal Govt in programs such as Travel Worker Identity Program (TWIC), First Responder ID, Immigration Cards and potentially Driver's Licenses
Taiwan Healthcare ID
• National health insurance ID card
• Multi-application smart card
     > Identification, medical profile
       and benefits
     > E-Purse capable
     > Restricted use by other governmental
       agencies to protect privacy
• Supports open standards and
post-issuance of new applications
• 40M Java Cards deployed

Belgium National ID
• First country in EU to deploy citizen ID
card to entire population
• Multi-application Java Card
      > Identification, e-Government Services,
        e-Voting, etc.
      > Filing Tax Returns, Birth Certs, Civil Records
      > Digital Certificates: Authentication, Digital
        Signature
           –   PKCS15 Conformance
      > Commercial Applications: e-Banking, e-Ticketing
• Common Criteria EAL 5+ Certified
• Deployment: 40+ Million Java Cards
Thailand National ID Card
• National Citizen ID card to entire population
   > Multi-application Java Card-based Smart Card
   > Personal ID, fingerprints, tax, social welfare and social
     security numbers, agricultural data and healthcare data.
   > Citizens will be able to access eGovernment services at
     e-government kiosks nationwide and by smart card
     readers integrated into desktop computers.
• 60M+ Java Cards deployed



Oman National ID Card
• First country in Middle East to start deploying large-
scale citizen ID Card to entire population
   > Multi-application Java Card-based smart card
     > Provides positive identification with digital photograph, digital
       certificates and biometrics authentication
     > Have plans to add driver’s license, emergency medical data
       and border control applications
• Deployment: 3M+ Java Cards



United Arab Emirates National ID

• National Citizen ID Card to Entire Population
   > Multi-application Java Card-based Smart Card
     > Positive Identification with Digital Photograph, Digital
       Certificates and Fingerprint Biometrics Authentication
     > Enabled e-Government Services
     > Plans to add Driver’s License, Emergency Medical Data and
       Border Control Applications
• Deployment: +4.5 Million Java Cards


Macau Government ID Card
• Multi-application Java Card-based Smart Card
     > Identification, Border Control, E-Government, E-Commerce
       and Public Services Access
     > Driver's License and E-Purse Envisioned in Future
• Secure Laser Engraved Java Cards
     > Facial Image, Signature, and Fingerprint Biometrics
     > PKI/Certificates
• GlobalPlatform-compatible Card Mgt. System
More...Java Card's Govt ID Successes
• UK NHS and MoD
• Canadian ePassports
• Portugal National ID
• Qatar National ID
• Azerbaijan National ID
• Morocco National ID
• Finland National ID
• Italy National ID
• Queensland Australia Drivers License
• And approximately 20 other countries exploring Java Card
Thank You !

Ramesh Nagappan
ramesh.nagappan@sun.com
http://www.coresecuritypatterns.com/blogs



Brian Kowal
Head, Java Card Marketing & Sales
Brian.Kowal@sun.com

More Related Content

What's hot

07. Analytics & Reporting Requirements Template
07. Analytics & Reporting Requirements Template07. Analytics & Reporting Requirements Template
07. Analytics & Reporting Requirements TemplateAlan D. Duncan
 
Module 5 - Data Science Methodology.pdf
Module 5 - Data Science Methodology.pdfModule 5 - Data Science Methodology.pdf
Module 5 - Data Science Methodology.pdffathiah5
 
Introduction to Ethics of Big Data
Introduction to Ethics of Big DataIntroduction to Ethics of Big Data
Introduction to Ethics of Big Data28 Burnside
 
Incorporating ERP metadata in your data models
Incorporating ERP metadata in your data modelsIncorporating ERP metadata in your data models
Incorporating ERP metadata in your data modelsChristopher Bradley
 
2021: The second wave of Fintech Disruption: Trends to watch out
2021: The second wave of Fintech Disruption: Trends to watch out2021: The second wave of Fintech Disruption: Trends to watch out
2021: The second wave of Fintech Disruption: Trends to watch outIndusNetMarketing
 
Introduction to Data Science and Analytics
Introduction to Data Science and AnalyticsIntroduction to Data Science and Analytics
Introduction to Data Science and AnalyticsSrinath Perera
 
Trilogy Model Of Knowledge Creation Cebrian,Methusael
Trilogy Model Of Knowledge Creation   Cebrian,MethusaelTrilogy Model Of Knowledge Creation   Cebrian,Methusael
Trilogy Model Of Knowledge Creation Cebrian,MethusaelMethusael Cebrian
 
Governance and Architecture in Data Integration
Governance and Architecture in Data IntegrationGovernance and Architecture in Data Integration
Governance and Architecture in Data IntegrationAnalytiX DS
 
Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...
Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...
Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...Edureka!
 
The Importance of Master Data Management
The Importance of Master Data ManagementThe Importance of Master Data Management
The Importance of Master Data ManagementDATAVERSITY
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityDATAVERSITY
 

What's hot (20)

07. Analytics & Reporting Requirements Template
07. Analytics & Reporting Requirements Template07. Analytics & Reporting Requirements Template
07. Analytics & Reporting Requirements Template
 
Chapter 2
Chapter 2Chapter 2
Chapter 2
 
Module 5 - Data Science Methodology.pdf
Module 5 - Data Science Methodology.pdfModule 5 - Data Science Methodology.pdf
Module 5 - Data Science Methodology.pdf
 
Introduction to Ethics of Big Data
Introduction to Ethics of Big DataIntroduction to Ethics of Big Data
Introduction to Ethics of Big Data
 
Covisint
CovisintCovisint
Covisint
 
Incorporating ERP metadata in your data models
Incorporating ERP metadata in your data modelsIncorporating ERP metadata in your data models
Incorporating ERP metadata in your data models
 
2021: The second wave of Fintech Disruption: Trends to watch out
2021: The second wave of Fintech Disruption: Trends to watch out2021: The second wave of Fintech Disruption: Trends to watch out
2021: The second wave of Fintech Disruption: Trends to watch out
 
Introduction to Data Science and Analytics
Introduction to Data Science and AnalyticsIntroduction to Data Science and Analytics
Introduction to Data Science and Analytics
 
Trilogy Model Of Knowledge Creation Cebrian,Methusael
Trilogy Model Of Knowledge Creation   Cebrian,MethusaelTrilogy Model Of Knowledge Creation   Cebrian,Methusael
Trilogy Model Of Knowledge Creation Cebrian,Methusael
 
Apply (Big) Data Analytics & Predictive Analytics to Business Application
Apply (Big) Data Analytics & Predictive Analytics to Business ApplicationApply (Big) Data Analytics & Predictive Analytics to Business Application
Apply (Big) Data Analytics & Predictive Analytics to Business Application
 
Governance and Architecture in Data Integration
Governance and Architecture in Data IntegrationGovernance and Architecture in Data Integration
Governance and Architecture in Data Integration
 
Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...
Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...
Data Science Tutorial | What is Data Science? | Data Science For Beginners | ...
 
Data literacy
Data literacyData literacy
Data literacy
 
The Importance of Master Data Management
The Importance of Master Data ManagementThe Importance of Master Data Management
The Importance of Master Data Management
 
Dbm630_lecture02-03
Dbm630_lecture02-03Dbm630_lecture02-03
Dbm630_lecture02-03
 
How to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data QualityHow to Strengthen Enterprise Data Governance with Data Quality
How to Strengthen Enterprise Data Governance with Data Quality
 
Text Mining Analytics 101
Text Mining Analytics 101Text Mining Analytics 101
Text Mining Analytics 101
 
Mis in walmart
Mis in walmartMis in walmart
Mis in walmart
 
Money of the future 2015\2016
Money of the future 2015\2016Money of the future 2015\2016
Money of the future 2015\2016
 
KPIs in Mobile Money: A Reference Guide
KPIs in Mobile Money: A Reference GuideKPIs in Mobile Money: A Reference Guide
KPIs in Mobile Money: A Reference Guide
 

Viewers also liked

Health in the Philippines
Health in the PhilippinesHealth in the Philippines
Health in the PhilippinesRenzo Guinto
 
Making The Connection Part 2 (Government and Citizens)
Making The Connection Part 2 (Government and Citizens)Making The Connection Part 2 (Government and Citizens)
Making The Connection Part 2 (Government and Citizens)Dan Bevarly
 
G2 c mini project(sunanda,shreya,shubham)
G2 c mini project(sunanda,shreya,shubham)G2 c mini project(sunanda,shreya,shubham)
G2 c mini project(sunanda,shreya,shubham)Shreya Chaudhary
 
Introduction to e commerce
Introduction to e commerceIntroduction to e commerce
Introduction to e commerceUtomo Prawiro
 
Government Citizen Engagement Survival Guide
Government Citizen Engagement Survival GuideGovernment Citizen Engagement Survival Guide
Government Citizen Engagement Survival GuideGovLoop
 
Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...
Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...
Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...Nuth Otanasap
 
E-commerce Trends from 2015 to 2016 by Divante
E-commerce Trends from 2015 to 2016 by DivanteE-commerce Trends from 2015 to 2016 by Divante
E-commerce Trends from 2015 to 2016 by DivanteDivante
 
E commerce full notes for mba
E commerce full notes for mba E commerce full notes for mba
E commerce full notes for mba karishma
 
E commerce
E commerceE commerce
E commerceGBC
 

Viewers also liked (14)

Health in the Philippines
Health in the PhilippinesHealth in the Philippines
Health in the Philippines
 
Making The Connection Part 2 (Government and Citizens)
Making The Connection Part 2 (Government and Citizens)Making The Connection Part 2 (Government and Citizens)
Making The Connection Part 2 (Government and Citizens)
 
G2 c mini project(sunanda,shreya,shubham)
G2 c mini project(sunanda,shreya,shubham)G2 c mini project(sunanda,shreya,shubham)
G2 c mini project(sunanda,shreya,shubham)
 
Introduction to e commerce
Introduction to e commerceIntroduction to e commerce
Introduction to e commerce
 
Electronic Government in the GCC Countries
Electronic Government in the GCC CountriesElectronic Government in the GCC Countries
Electronic Government in the GCC Countries
 
Government Citizen Engagement Survival Guide
Government Citizen Engagement Survival GuideGovernment Citizen Engagement Survival Guide
Government Citizen Engagement Survival Guide
 
Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...
Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...
Ec2009 ch07 e government e-learning e-supply chains collaborative commerce an...
 
E-commerce Trends from 2015 to 2016 by Divante
E-commerce Trends from 2015 to 2016 by DivanteE-commerce Trends from 2015 to 2016 by Divante
E-commerce Trends from 2015 to 2016 by Divante
 
E-commerce in India
E-commerce in IndiaE-commerce in India
E-commerce in India
 
E commerce full notes for mba
E commerce full notes for mba E commerce full notes for mba
E commerce full notes for mba
 
Lifts
LiftsLifts
Lifts
 
E commerce
E commerceE commerce
E commerce
 
E commerce
E commerceE commerce
E commerce
 
E commerce ppt
E commerce pptE commerce ppt
E commerce ppt
 

Government Citizen ID using Java Card Platform

  • 1. Govt. Citizen ID with Java Card™ Platform. Emphasis on the role and relevance of Java Card and Sun Identity Management Technologies. Ramesh Nagappan, Security Technologist, ISV-E, ramesh.nagappan@sun.com, http://www.coresecuritypatterns.com/blogs
  • 2. Undisputed Market Leader in Multi-Application Smart Cards: Loyalty, Corporate, Finance, Telecom, Government/Healthcare. [Figure: sample Armed Forces of the United States identification card] Slide 2 © Sun Microsystems 2009
  • 3. Introduction to Java Card Technology: Security and Portability with Reliability as Core Value Proposition
      • A Programmable Runtime engine for Smart cards
          > Open & Standards-based
          > Built for multi-application
          > Proven security (Enabling on-card PKI/Biometrics credentials based Physical/Logical Access Control)
      • A future-proof platform for Smart card based services
          > Dynamic application loading
          > Test-suite enforced interoperability
          > Cryptography and Biometrics support
      • A reference technology for Smart card issuers
          > Market leader in Security for Government and Citizen ID
          > Market leader in reliability for wireless, banking, ID
          > Choice of multi-sourcing – Obtain cards from multiple vendors
  • 4. Java Card Adoption
      • 6 Billion Java Card Units deployed
          > Variety of form factors
      • Leader in market segments
          > Telecom (De facto for SIM card!)
          > Banking (Payment card)
          > ID (Citizen/Govt/Defence/Intelligence)
          > PayTV (Cable/Dish Subscriber card)
          > Transport, Healthcare...
      [Figure: form factors shown: SIM Cards, Secure Flash Memory, Passports, USB Tokens, Smart Cards, Contactless]
  • 5. Java Card vs MULTOS
  • 6. Java Card as Cryptographic Token: PKI enabled Smart cards
      • A credit card sized computing device acts as a Cryptographic token.
          > Contact / Contactless cards
      • Allows performing core PKI functions
          > Key generation
          > Public/Private key operations
          > PIN/Biometric authentication
          > Challenge/response authentication
      • Supports the use of Public-key infrastructure to verify the Identity claim.
          > PKI credential issuance.
          > Credential validation/verification via OCSP, CRLs
      • Defends against tampering and hacking.
          > PKI/Private key protection
      • Standards
          > ISO-7816
          > Java Card, Multos
          > Global Platform
          > PC/SC
          > FIPS-201/PIV, CAC
          > PKCS#11, PKCS#15
          > GSM/PCS
          > EMV (Europay/Mastercard/Visa)
      Using Smart card based PKI as an Authentication Credential
  • 7. Java Card as Biometric Token: Java Card based Biometric Identity
      • Matching to Physiological or Behavioral characteristics to identify a person.
          > High degree of assurance with proof of presence + proof of possession
          > Fingerprints, Facial image/geometry, Iris images can be stored on card.
          > Match on-card samples to live human samples.
      • Biometric templates can be stored on Smart card for personal identification.
          > Fingerprint template is ~200 bytes
          > Iris template is 500 bytes
      • Biometric credential must be exchanged in a secure network channel (Trusted path)
      • Standards
          > INCITS 378 / CBEFF (Fingerprints)
          > INCITS 379 (Iris)
          > OASIS BIAS
          > BioAPI
          > JavaCard BioAPI
          > FIPS-201 / PIV
      Using Smart card based Biometrics as an Authentication Credential
  • 8. Managing Govt ID Issuance Life-cycle: Identity Management life-cycle events
      [Diagram labels: Identity Registration; Identity Enrollment & Adjudication; Card/Credential Issuance; Physical & Logical Access Control; Credential Maintenance; Identity Termination]
  • 9. Managing Govt ID Issuance Lifecycle: Smartcard issuance life-cycle using Sun Identity Management Suite
      [Diagram labels: Demographic Data; Biometrics; PKI; Identity Proofing; Sun IDMS; Physical Access Control; Logical Access Control; Verified Credentials (Smartcard / Biometrics)]
  • 10. Sun IDM Authorization Workflow
      [Diagram labels, stages: Applicant Registration; Biometrics & Breeder Documents Enrollment; Identity Proofing & Adjudication; Card Issuance & Activation; Physical & Logical Access Provisioning; Credential Maintenance; Retirement / Termination. Approvers (each with Approval/Denial): Hiring Manager, Enrollment Officer, HR Officer, HR Manager]
      • Sun IDM manages the authorization workflow and authority approval and denials.
      • Sun IDM facilitates digitally signed approvals using Smart card based credentials verified against a PKI provider.
  • 11. Smart card based Credentials - Logical Access Control Sun Confidential: Sun Employees and Immersion Week 2008 Partner Attendees Only. 11
  • 12. Sun Rays In a Govt eID Environment: Security, Manageability, Reliability, Mobility, Value. Sun Ray supports the use of most eID and CAC/PIV Cards.
  • 13. Logical Deployment of Sun Rays: Smartcard based authentication – Virtual/Remote Desktop/Application environment
      • PC & Thin Client users can securely access their remote desktops & applications from any location using PIV Cards. Once PIV authenticated, the access tier establishes a display connection to the user device and a protocol connection to the back-end desktop OS and applications.
      • The access tier controls the user access and application profiles. It maintains audit logs of user and app usage. It provides the display engine to the user desktop.
      • Access layer supports standard Authentication mechanisms: LDAPv3, Active Directory, NIS, MS Windows Domain
      • Each user desktop environment runs on a virtual machine located in the corporate data center. All desktop and application communication remains in the data center.
      • Native protocols are used to access apps. No modification of the OS or apps required.
      [Diagram labels: Secure remote access from any location using Sun Rays; Combine existing authentication and authorization mechanisms using Sun IDMS and Sun VDI; Windows XP / 2003 Desktop Virtualization; Firewall; PIV Credential Authentication; Sun Rays; Sun Access Tier; Identity/Auth.; ESX Virtualization; Applications; Data Center]
  • 14. Sun CMT Servers: Wire-speed Security. UltraSPARC T2 offers On-chip Cryptographic Acceleration for PKI Applications
      • Sun UltraSPARC T2 offers industry-leading cryptography performance for PIV environments.
          > On-chip Crypto threads virtually eliminate large workloads with PKI & Cryptography.
          > Out-performs competition on SSL and Public-key crypto operations
          > Over 30x greater RSA1024 performance than 2-socket IBM p510
      • Supports commonly used ciphers for Public-key encryption and secure hashing functions
          > Public-key cryptography (RSA, DSA, Diffie-Hellman, ECC)
          > Bulk encryption (RC4, DES, 3DES, AES)
          > Secure hash (MD5, SHA-1, SHA-256)
  • 15. Mandatory Access Control and Security Labels (Solaris TX)
  • 16. U.S. Department of Defense
      [Figure: sample Armed Forces of the United States identification card]
      • Military ID and Geneva Convention Card
          > Common credentials for verified identity
          > DoD-wide health benefits ID card
          > Physical access and manifesting
          > Logical access with PKI/digital signature
      • Well established security certification platform with numerous cards with FIPS-140 ratings
          > High-degree of Security and Assurance
      • Supports additional military branch-specific applications at issuance and post-issuance
      • Flexible to support original CAC format, CAC transitional format and PIV format (evolution of requirements)
      • Deployment: +3M active duty units. Over 12M units to date. Issuing +30K units a day at peak war periods
  • 17. US Federal Employee PIV Card
      • Presidential Directive 12 (HSPD-12) mandated a Federal Government-wide smart card ID program.
          > Use of combined PKI and Biometric credentials
      • Dual interfaces for both Physical and Logical access
          > Secure Contact/Contactless access to target resources
      • To date, all deployed PIV cards are Java Card
          > Conformance to Java Card 2.2.1
      • By 2013 over 12 million PIV cards will have been issued
      • The PIV model is being replicated in the US Federal Govt in programs such as Travel Worker Identity Program (TWIC), First Responder ID, Immigration Cards and potentially Drivers Licenses
  • 18. Taiwan Healthcare ID
      • National health insurance ID card
      • Multi-application smart card
          > Identification, medical profile and benefits
          > E-Purse capable
          > Restricted use by other governmental agencies to protect privacy
      • Supports open standards and post-issuance of new applications
      • 40M Java Cards deployed
  • 19. Belgium National ID
      • First country in EU to deploy citizen ID card to entire population
      • Multi-application Java Card
          > Identification, e-Government Services, e-Voting, etc.
          > Filing Tax Returns, Birth Certs, Civil Records
          > Digital Certificates: Authentication, Digital Signature – PKCS15 Conformance
          > Commercial Applications: e-Banking, e-Ticketing
      • Common Criteria EAL 5+ Certified
      • Deployment: 40+ Million Java Cards
  • 20. Thailand National ID Card
      • National Citizen ID card to entire population
          > Multi-application Java Card-based Smart Card
          > Personal ID, fingerprints, tax, social welfare and social security numbers, agricultural data and healthcare data.
          > Citizens will be able to access eGovernment services at e-government kiosks nationwide and by smart card readers integrated into desktop computers.
      • 60M+ Java Cards deployed
  • 21. Oman National ID Card
      • First country in Middle East to start deploying large-scale citizen ID Card to entire population
          > Multi-application Java Card-based smart card
          > Provides positive identification with digital photograph, digital certificates and biometrics authentication
          > Have plans to add driver’s license, emergency medical data and border control applications
      • Deployment: 3M+ Java Cards
  • 22. United Arab Emirates National ID
      • National Citizen ID Card to Entire Population
          > Multi-application Java Card-based Smart Card
          > Positive Identification with Digital Photograph, Digital Certificates and Fingerprint Biometrics Authentication
          > Enabled e-Government Services
          > Plans to add Driver’s License, Emergency Medical Data and Border Control Applications
      • Deployment: +4.5 Million Java Cards
  • 23. Macau Government ID Card
      • Multi-application Java Card-based Smart Card
          > Identification, Border Control, E-Government, E-Commerce and Public Services Access
          > Driver's License and E-Purse Envisioned in Future
      • Secure Laser Engraved Java Cards
          > Facial Image, Signature, and Fingerprint Biometrics
          > PKI/Certificates
      • GlobalPlatform-compatible Card Mgt. System
  • 24. More... Java Card's Govt ID Successes
      • UK NHS and MoD
      • Canadian ePassports
      • Portugal National ID
      • Qatar National ID
      • Azerbaijan National ID
      • Morocco National ID
      • Finland National ID
      • Italy National ID
      • Queensland Australia Drivers License
      • And approximately 20 other countries exploring Java Card
  • 25. Thank You ! Ramesh Nagappan ramesh.nagappan@sun.com http://www.coresecuritypatterns.com/blogs Brian Kowal Head, Java Card Marketing & Sales Brian.Kowal@sun.com