[Work done from 12th January to 25th January 2009]
During first week of this two week period I was working with the integration of JCOP 41 Java Card and eID Browser Extension together with the eID Desktop Application. Before loading applets to the Java Card it was required to complete all the testing in order to aviod harm to the Cards due to malicious code execution. I was also setting up the JCOP tool environment to start the Card burning and further testing.
We also completed our draft report and had two meetings with our supervisor Dr.Chandana Gamage and discussed about the final project report and reasearch paper related issues. We got valuable feedbacks regarding some report chapters,also he gave his support to formulate some topics more professional.
Then in the meantime we were working in full force to complete those required documentations.
During this time period I was mainly working on our main research paper with the contribution of other team members. I also contributed to the final project report. As both of these were due submission on the 25th we mainly working on these two most of the time. We had two meetings with our supervisor Dr.Chandana Gamage and discussed about the final project report and research paper. These meeting were very helpful in shaping up our research paper.
We were also preparing application for couple of international competitions for which we are planning to participate, and we started initial informal communication with some of the organizers to discuss regarding application procedures and other related details.
During this two week period I mainly contributed to our Final Report with other team members. And we had two meetings with our our supervisor Dr.Chandana Gamage and discussed about the final project report and research paper. These meeting were very helpful in shaping up our research paper and the final report.
During last two weeks time period I was mainly participating with research papers and final project report writing works. Because of both reports submissions due on 25th January we were strictly contributing research papers and final project report writing. Also we had two meetings with our project supervisor Dr.Chandana Gamage and discussed about the final project report and research paper. Those meeting were adding more values to our Research papers and final project report.
Also last within week I did several modifications to eID authentication web service. They were about keeping logs about web service access, develop and integrate policy constrain analyzing module to the eID web service and also I did new modification to policy parsing module, which is making the eID system more dynamic and more scalable.
[Work done from 29th December 2008 to 11th January 2009]
Within the last two week duration, I was mainly involved with final project report and research paper writing. I already had some preparation and just keep writing both paper most of time. Rather than writing the reports I had to involve with the system integration with eID web service plug-in too. Most of the core functionalities of web service is working perfectly and depend on some new requirements of the eID web browser plug-in, I had to do some changes to the web service. Most of the requirement are solved and but there still there is some remaining requirements to finish.
Also we had a meeting with project supervisor Dr. Chandana Gamage on 15th January 2009 and discussed mainly about reports and potential opportunities to publish papers. Also in that meeting we discussed about having a public IP for deploy the eID authentication and Identification web services.
I’m happy to inform you that we are now ready to release the Beta version of the eID Browser extension and the eID Desktop application.
Our team has now overcomed from many problems and now successes with the objective of the eID Browser extension and the eID Desktop application. I’m so happy on this success of the Beta version objective as a coordinating member of the eID software team, And I would like to thanks Malalesena on this mater in behalf of the team.
And again I would like to update all the team members about the Beta version of the eID Browser extension and the eID Desktop application.
Objective of the Beta version :
eID Browser extension -
1 : Make a connection with Browser and the Rilain party.
2 : Display the Re lain Party Policy to the eID card holder in a customised way.
3 : Get the acceptance from the eID hard holder to accept the policy.
4 : Get the Pass-Phrase from the eID hard holder : Pass it to the eID Desktop application.
5 : Get the Output from the eID Desktop application.
6 : Send back the details to the Re lain party.
eID Desktop application-
1 : Get the Re lain party Policy from the eID Browser Extension : Tokenise the Re lain party Police : Send back the details of the Re lain party Policy to the eID Browser Extension.
2 : Get the Pass-Phrase from the from the eID Browser Extension.
3 : [ Signing and Encryption of the wanted data ] Dummy work. – [ Plan to cover in the next working model ]
4 : Make the connection with the eID Web Services.
5 : Waiting for the reply from the eID Web Services : Get the reply from the eID Web Services.
6 : Send back all the encrypted details to the eID Browser Extension.
Now we have covered all this objective in the Beta version with many successive battles with the client side and web services side. And now we can forward on the line towards the next version. I have some objectives to be finished with the next version working model. That is we need to finished the eID Desktop application with the completion of the proper signing and prober encryption in the client side (Object 3 in the Beta version full fill with the original working model) in the next version.
For that we need to do some work on the eID Java card. I hope if we finished that we can replace the dummy model with the original codes.
From the Software development team coordinate,
[Work done from 15th December to 28th December 2008]
During last two weeks we started to integrate the project components together. So in the case of eID web service is secured in a manner that it can be only invoked by the eID Browser Plug-in created by Shayanthan. Hence, in last week we start to work together and integrate the web service and the web browser plug-in. That was little bit difficult task due to web browser plug-in was very sensitive to the string and case lost of matters. However finally we figure out the problem and solve that and successfully integrate the web service with the browser plug-in.
After some time we had another problem regard the web service and web browser integration, due to smart card can’t handle long string and we had a problem with signing and encrypting the XML policy string in the client side. So we decides sing the XML policy string’s hash value. So in the web service side also I have to change the bossiness logic that accepts the signature of hash value of policy string rather than signature of the policy string.
After that I concerned about improving web service quality by making that more dynamic. Still I’m working on that and expecting to move development of other web service after finish the eID authenticating web service. Then I start to writing of the final report and the research report of the eID system. So we had a group meeting regards the final report and the research paper. Finally we came up with a appropriate outline for those reports.
We also applied for the world summit award 2009 under e-Business/ e-government category. We had the national level pre-selections at ICTA Sri Lanka on Tuesday, December 23, 2008. We did the presentation in very satisfactory way and we are waiting for the results.
[Work done from 1st December to 14th December 2008]
For last two weeks I was working with eID Web Service and Rampart module, which is the WS- Security module of the Apache AXIS2. At last I successfully integrated and configured the Rampart module with the eID web service. So now eID web service is secured with message level encryption and signing. But still I have to do some changes for the web service.
Also we had a meeting with our project supervisor Dr. Chandana Gamage, and we discussed about the progress of the project. Also we were getting ready for the”World Summit Award (WSA) ” competition and our project has already been proposed.
Also within this week Shayanthan and myself will be starting to integrate eID Web service and browser plug-in. That was a really problematic thing and still we are doing the changes to our module for make it compatible to each other. Also we are planing to finish this integration with in the next week.
[Work done from 17th November to 30th November 2008]
In last two weeks I was spend my time with deploying the eID Web Service and making it securing. For implementation of WS- Security module in our web service I used Apache rampart module. It was best and stander way of securing Apache Axis2 web service. For some WS- security module problems contact MR. Prabath Sriwardana and the Mr. Nanadana Mihidukulasuriya form WSO2 via email who are WS- Security expert form the WSO2.
Also within last two weeks we did our third project demonstration. Before the final 3rd Demonstration, we did a trial demonstration to Dr.Chandana Gamage. He provides lots of valuable advices for the final demonstration and for the improvement of the project. Also final Demonstration was successfully did in front of panel consist with project supervisors.
[Work done from 3rd November to 16th November 2008]
After moving to the new architecture of the eID system, I continue my works with the Web Service again. First of all, I start to design the class which will be useful for the Develop the web service.
The service which should provide to the cardholder by the eID web service is first verifying Reliant Parties and cardholder. Then replying with an authenticating or an identification token, according to the Reliant Parties Policy request, send to the web service and the access level of the Reliant Party.
In here first eID web browser plug-in will take the policy of the Reliant Party and the Signature for that Policy from the Reliant Party. Then that Plug-In will clarify that policy with the cardholder and using the eID card it will sign the policy and invoke the eID web service using Authentication operation in web service.
Inside the web service that will take the policy and first of all it will verify that is policy is not tampered one using the signature send by the Reliant Party and the cardholder. If the policy is verified then web service will create a token and encrypt it with RP’s public key reply back with tat encrypted token.
Here policy request of the Reliant Party is consist of Reliant Parties eIDcode and the Claims that are need for the authentication process. And Also Token send by the Web Service will be consisting of the information according to the policy sent.
I used AXIS2 and WSO2 WSAS IDE for deploy the web service. Also, I used RSA Encryption and Decryption mechanism for the secured communication. For the signing purposes I used SHA1withRSA Signature and verification mechanism.
Using those technologies I deployed web service which has Core functionalities. Then I did a demonstration to group member about the web service. Still need some secure mechanisms for web service and I’m expecting to add those functionalities with in next week.
After the exam, I resume development of the web service. That was my first experience with web service development. So, I developed the web service while learning the web service development with apache Axis2, WSAS (WSO2 Web Service Application Server) and eclipse IDE. While developing the web service I figured out some problems with our system architecture.
According to previous system architecture;
In online authentication, First user will try to login to Reliant Parties (RP) web site. At that time RP will send a request to eID web service, asking authenticate the user (card holder). Then web service will be prompt a applet in the card holder web browser. Using that applet we service will access the USB smart card based eID and authenticate user and redirect user to the RP web site again.
But finally I figured out that is not possible in web service because, in web service all the executions are happened in server side and browser redirections are not possible in web services. (We were very new to web services to understand that before)
Then I informed about that problem to the group members and we discussed about that. Finally we come up with a solution that having a separate layer (ie- web page) in front of the web service and then RP will redirect to the card holder to that layer and using that layer web service can access to the eID card without redirect user inside web service.
But after sometimes we figure out that not providing the optimal solution for the eID system. So we decided to have meeting with the Dr. Chandana Gamage after the vacation.
Then I started struggling with web services again.
[Work done from 18th August to 31st August 2008]
With in last two weeks we involved with lots of project related works, including prototype development of web service, writing design document and discussing new project ideas. Last two weeks we had come up with some new ideas about the eID system, so we had several project meeting with in last two weeks and we discussed about those new features proposed for eID system.
Prototype development was become very interesting and innovative matter. First I started the development of the web service, which handles the online authentication and the Identity. At there, my ambition was developing web service with fundamental features. While developing prototype we identified lots of difficulties which can occurred using web service alone. Finally we decided to implement the online authentication system with a web service and a Servlet container.
Using USB memory stick as the eID token may lead system to very serious privacy issues. Because USB memory stick haven’t any processing power and we have to take the do the all the operations in the PC, which we have plugged the eID card. During that time privacy data of the cardholder can be used for malicious activities. So we decided to use USB smart card as eID card which has processing power. Also we discussed about implementing Anonymous credentials concept to solve the privacy issues.
We started the writing design document also, we discussed about the structure of the document and we divided the report into four main parts and started the documentations.
[Work done from 4th August to 17th August 2008]
On 15th of August we had a meeting with Dr.Chandana Gamage and we discussed lots of things regards the project. In that meeting we mainly concerned about the Privacy and Unlinkability of the eID. Because of less Privacy and Unlinkability maybe case failure of the eID system, Dr.Chandana Gamage advice us to increase the Privacy and Unlinkability of the eID project comparing to other similar implementations. In that meeting he provided some suggestion and let us come up with a better solution.
After this meeting we had several meetings regards the new requirements and how to extend the project according the new requirements. And also we discussed about the keeping our project according to Digital Identity standards (seven laws of Identity). Finally we realize that, in the case of the “online authentication” our system design needs no changes. But in the case “offline authentication” our system has short of some features.
Because of Web service part is one of the main parts of the eID system and we got more clear idea about the web service part rather than other part of the system, I started develop web service part of the system in this week.