Monthly Archives: July 2008

R2: Search and Research

[Work done from 9th June to 22nd June 2008]

During the period 9th June 2008 to 22nd June 2008 we were mainly doing researches regarding our project issues. We also had a documented meeting in which we divided some search topics among ourselves and shared our knowledge we’ve gathered. Then I posted the meeting details to the moodle.

I was assigned to do some research on cryptography and hardware interfaces related to our project. Throughout this two weeks period I went through some research papers and referred to some books to study about PKI and cryptography. We’re still doing research to find a suitable eID container from two possible choices USB memory stick or USB smart card.

We had a techtalk on 26th June 2008 titled ‘PKI in Enterprise applications’ was really helpful to gather some information for some aspects of our project requirements. It was done by an epiclanka personnel. He explained about some of their products and functionalities. It was not a technical oriented presenatation but it arouse some profitable ideas.

Filed under Reports

R2: Research the Architecture

[Work done from 9th June to 22nd June 2008]

During the two weeks from 9th June to 22nd June 2008, project related activities our group and myself got involved were mainly related to research on different aspects of the project architecture and the hardware requirements.

PKI

As we plan to implement eID based on a PKI certificate authentication system, we had to study about PKI implementations and how we could use this for our needs. We also had to do some search and research how this could be utilized in offline authentication and other related issues.

Hardware/USB/Smart Card

The other concern we had is related to the needed hardware. The main hardware that we will be in need would be the eID ‘card’. We came up with few other alternative options than that we discussed earliear. One is a Smart Card with USB interface. Other one would a normal USB memory, but that could have a read only portion to hold the certificate/s.

System Design/Project Meetings

We also had project meetings to discuss and decide on possible project architectureas and improve on those. At most of the project meetings we had a lot of more new input from each member thus improveing on our knowledge.

Filed under Reports

R2: Electronic Identity using PKI

[Work done from 9th June to 22nd June 2008]

Passed two weeks were very important period for our group. Because we identified lots of important area of our project and what are the important hardware devices for our project. Within that period we had our seconds documented meeting and discussed lot of thing regard our project. In that documented discussion we discussed about:

  • how we planning to do the offline authentication of the digital Identity
  • privacy issues of the digital identity and Implement the privacy-enhancing tools in the eID infrastructure to disassociate different sectors where the user is active.
  • include Biometrics data such as photo,fingerprint,hands scan. eye pattern, ear pattern, voice recognition and signature.
  • a electronic identity, which shouldn’t have an expiry. The eID of that particular person remains forever. but If the physical ID meet the expiry time, the owner should be able to renew that.

Also the Tec-talk discussion based on “Application of PKI for Enterprise Information Security” by Mr.Roshan Chandrasiri (Epic Lanka). After that presentation we got better understanding about the digital authentication and the what are the hardware requirement for the project.

Also still we have doubt about the using USB eToken or Smart card (which have USB interface) as authentication token of the eID system. So we are still keep searching about the those technologies in internet. How ever within next two weeks we are going to finalize which one is going to be used in our system.

And also we need to understand the web services and the Architecture of the web services with the cryptography world.

Filed under Reports

R2: Privacy and Control

[Work done from 9th June to 22nd June 2008]

As I mentioned in my earlier report, after the submitting the SRS document the entire group members held two meeting to decide how we shall proceed with this project work. In that meeting we noted down few things which were related to the physical Structure of the eID, and how we are going to achieve the Infrastructural Requirements. And we considered some way to handle the Privacy Issues. They are classified here.

  • Users should have the control over the information they share with each and other services.
  • If there are any services where abuses can happen, then we will implement a system which prompts the user to accept for an end-user agreement, which lets the service provider or the main authority to track some data to identify the people only when there is a misuse.
  • Implement the privacy-enhancing tools in the eID infrastructure to disassociate different sectors where the user is active.

And we also found we need to understand the web services and the Architecture of the web services with the cryptography world. Still I’m browsing the internet to find research papers and eBooks about web Services.

Kanaganayagham Shayanthan – alias Shayanth

Filed under Reports