the southampton pathfinder for smart cards in public services
DESCRIPTION
The Southampton Pathfinder for Smart Cards in public services. SmartPath. Sean Dawtry Corporate IT Consultant Southampton City Council E-mail [email protected] Tel 023 8083 2983. Agenda. Overview of SmartPath Principles Project Scope PKI How Does it Work Main Partners - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/1.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
The Southampton Pathfinder for Smart Cards in public services
![Page 2: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/2.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
SmartPath
• Sean Dawtry• Corporate IT Consultant• Southampton City Council• E-mail [email protected]• Tel 023 8083 2983
![Page 3: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/3.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Agenda
• Overview of SmartPath• Principles • Project Scope• PKI• How Does it Work• Main Partners• Issues• The Future
![Page 4: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/4.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Overview
• Develop Robust/Resilient Security Infrastructure for Electronic Service Delivery.
• Though Development of PKI
• Build Around Existing SmartCities Scheme
• Available from Kiosks, PCs in Libraries
• 6000 Citizens
![Page 5: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/5.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Principles
• Bridge Digital Divide
• Through SmartCard
• Secure
• Needed Real World Application– Housing Repairs
• Portability and Interoperability
![Page 6: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/6.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Scope
• Business Process Development– SmartCities– Housing– PKI/Certificate Management
• Infrastructure Development
• System Design
• Integration– With Back Office– SmartCities
• Secure Portal
• Intuitive User Interface
![Page 7: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/7.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
PKI
• PKI (Public Key Infrastructure)– Enables users of a unsecured public network such as
the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
– The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.
![Page 8: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/8.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Digital Certificate
• A digital certificate is an electronic “passport" that establishes your credentials when doing business or other transactions on the Web.
• It contains your name, a serial number, expiration dates, a copy of the certificate holder's public key, and the digital signature of the certificate-issuing authority so that a recipient can verify that the certificate is real.
• Some digital certificates conform to a standard, X.509.
![Page 9: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/9.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Digital Certificate
• Can be held– Web Browser
– USB Token
– Smartcard
![Page 10: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/10.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
CA and RA
• Certificate Authority– Organisation responsible for issuing and
revoking certificates
• Registration Authority– Organisation responsible for performing
the registration process and verifies the identification of the individual
![Page 11: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/11.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
CA and RA
• Southampton City Council – currently performs the CA function.
• Smartcities– Currently performs the RA function
• Both are currently one in the same
![Page 12: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/12.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
CP and CPS
• Certificate Policy– Lays down the CA’s legal obligations – Liabilities– Holders obligations
• Certificate Practice Statement– Details the processes by which the PKI will be
managed i.e. Physical Controls, Personnel Controls, backup and recovery
![Page 13: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/13.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
CP and CPS
• How do they relate– The Certificate Policy generally states
WHAT is to be adhered to. The Certificate Practice Statement states HOW it will be adhered to
![Page 14: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/14.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Verification
• Meets Office of the E-Envoy’s authentication framework
• Applicant must produce two forms of approved documents to verify identification
![Page 15: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/15.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Benefits of PKI
• Entity Authentication– Verifies the Identity of a person or organisation
• Data Confidentiality– Ensures transmitted data is secure
• Data Integrity– Ensures that data is not tampered with in Transit
![Page 16: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/16.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Benefits of PKI
• Non Repudiation– Neither party can deny transaction ever took place
• Privilege Management– Policies that govern access to sensitive data
![Page 17: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/17.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Why PKI
• E-Government programme opens up more data to more people
• Could be sensitive
• Need to ensure interest of all parties are taken into consideration
• Important to know who is at the ‘other end’
• Prevention of fraud
![Page 18: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/18.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Registration
Create X509 Certificate
Citizen Registers
CMS
Account created within the Card Management System
Certificate Request is granted and CMS authorised to encode card
Entrust Poller
Poller Checks for new requests frequently
CMS Informed if request is invalid
FTP
Certificate Request is created and stored in FTP Directory
Check CRM to Determine Valid user
Entrust ‘Get Access’ Account Created
![Page 19: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/19.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Authentication
Cardholder inserts card and PIN
Certificate is copied to Cryptographic Store in Web Browser
Entrust ‘Get Access’
Server
CA
‘Get Access’ Server confirms that certificate is valid and performs authentication process
Web Client
‘Get Access’ acts as a proxy server for resources from SCC application server through firewall e.g. Housing Repairs
All communication between BEA Weblogic and the user occurs through the firewall and the ‘Get Access’ Server
BEA Weblogic
Server
SCC Back office
Systems
![Page 20: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/20.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Entrust ‘Get Access’
Server
Data
SCC
Once completed Data Flush takes place to remove the certificate from the browser
Authentication
![Page 21: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/21.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Lost/Stolen/Blacklisted Cards
• Card Loss Report– Smartcities Creates a ‘Hotlist’
– ‘Hotlist’ Sent to SmartPath
– Checked – Certificate and Account Revoked
– New Card Requested if Necessary
– Registration Process Begins
![Page 22: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/22.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Issues
• Take Up– Hindsight is a good thing– Public Perception
• ‘Leading Edge’– Some Components ‘volatile’
• 2 pence pieces!– Jammed in Card Readers
• Certificate Practice/Policies– Lots of work
![Page 23: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/23.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
Main Partners
• ECSoft– Primary Integration Partner
• Entrust– PKI– Security and Authentication
• Smartcities/SchlumbergerSema– Smartcards and Smartcard Integration
![Page 24: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/24.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
The Future
• Develop Key Components as a Product that Could Implemented Elsewhere
• Share Documents – Certificate Practice Statement– Certificate Policy– Design Documents
• Add more Services– Requiring higher security levels
• Revenues and Benefits• Secure Payments (in and out)• Social Care
![Page 25: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/25.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council
The Future
• Develop as a National model
• Integrate With UK-Online
• Obtain T-Scheme Approval
![Page 26: The Southampton Pathfinder for Smart Cards in public services](https://reader036.vdocuments.us/reader036/viewer/2022070407/568143a1550346895db0227b/html5/thumbnails/26.jpg)
© Southampton City Council Sean Dawtry – Southampton City Council