Tag Archives: Nimal

[Work done from 29th December 2008 to 11th January 2009]

During this two weeks period I was involved in the following activities in our project:

1. Completing the Card Creation Application: I was not able to finish this in time as I expected, due to problems I faced with XML generation and XML signatures. I’m also having some issues related to including the Web Service into this, for which I have to work with Malalasena.
2. Final Project Report: Ramanan was appointed in charge for project report, and he divided work among all group members. I first started writing about my individual contributions. I will have to write and complete some other part also soon.
3. Research Paper: We also stared working our main research paper. We had several group discussions on this and we also discussed with out project supervisor about this.
4. Competitions/Conferences: Our project team and our supervisor are interested in presenting our project in events outside Sri Lanka, and I search and contacted some potential events, and we are in the process of preparing the applications for this.

We are almost nearing the completion of the project with some minor issues lift to besorted out.

[Work done from 1st December to 14th December 2008]

Project Management

During this time we decided to go with a tightly planned schedule with individual deadlines as to make sure that we work according to plans and finish in time. We had a meeting with our project supervisor Dr. Chandana Gamage on 4-12-2008 and discussed about the progress of our project, and about our plans to complete the project in time.

Project Development

I worked on the final stages of the eID Offline App and integrated the PoI Database functionalities to it. For this purpose I used SQLite databases and I had to learn a little (or spend couple of nights) for that.

I also worked on the Card Creation application and we have proposed a new card numbering system with checksums and finalized the eID-XML format. I have completed the basic functionalities of the eID Card Creation module, and I’m continuing to work on that these days.

Posts related to activities during this time:

• Project Progress and Work Plans
• Meeting with Project Supervisor (4-12-2008)

[Work done from 17th November to 30th November 2008]

I mainly worked on two components of the project during this stage.

1. eID Information Card
   This is an XML based file where the digital information of the card holder will be stored in.
   I followed well defined standards for identity cards in designing this, and also included the user image as a MIME object, thus eliminating the need for another file.
2. Offline Application
   I also completed the first phase of the offline application, which had support for USB based for eIDs.
   Also the PoI db feature is not yet implemented.

We also had couple of meetings with our project supervisor and discussed regarding the 3rd formal evaluation which was on the 27th November. We also did the demonstration for the evaluation during this time period.

[Work done from 3rd November to 16th November 2008]

We started working more on the project as we had set some of our own deadlines after our switch to the new architecture.

I’ve been working on the Read Only USB based eID, which will another form of eID apart from the Smart Card based eID. I research about how to make a USB memory stick read only and found no possitive results on that, but I’m continuing to find other workarounds to tackle this issue.

I’m also working on the Offline Identification Application of the eID frame work. This is a standalone application that will run is a special devide. This application will also include a PoI database verification, and I’m working on that too. This involves key verification of the eID file, and I’m currently implementing this to support only USB memort based eIDs, but we might extend it to Smart Card based eID also.

I also did some modifications in out CSE SVN repository to use externals, and also did some modification in the Project eID website.

We are also continiously updating our website at www.project-eid.org, and out blog at blog.project-eid.org.

[Work done from 20th October to 2nd November 2008]

During this period we had couple of meetings with our project supervisor Dr. Chandana Gamage, which lead us to a redesign of our architecture. We found that there were some flaws in our earliear architecture, in which the eID WS was sitting on the middle, which could easily lead to problems in terms of load as well as attack prone.

So we discussed on this as decided to make the end-user to be at the end and include one more application to our deliverables list that would be a browser plugin. This plugin will now at as the center point which will handle the message flow from relying party, web service and the eID card.

Also we decided to add one more deliverable to our project in the form of an alternative eID card to smart card based one, using a read-only memory stick. Though this would miss some security advantges, this could give some advantage interms of cost of the device.

I was mainly working on the above two modules of the project during this period. There were no many ways to make a normal USB drive readonly at software level, but it could be done at hardware level. Also there is the option of using virtual partition of the USB drives but this might lead to a Windows-only kind of a situation with my current observations. So I’m exploring into options for possible alternatives to build as read-only memory based eID card.

I have also setup the project repository at http://svn.project-eid.org to which we will be committing our codes in future.

We also finalized our list of final project deliverables with our supervisor as follows.

• eID card
  • Smart card based
  • Read-only memory based
• Online Authentication Web Service
• Browser plugin for online authentication
• Offline Authentication Application
• Card issuing/creating application
• 2 (or 3) Research Papers

I think we are on track now, and with some speed up development we can do think better in days to come.

Its Vacation during Project, not Project during Vacation

I started back working on the project couple of days after the exam. The first thing we had to do was to finalize the architecture in the online authentication and web services part. Malalasena and Shayanthan who were working on the WS part encountered some problems that required us review back the system design for changes. We had couple of meetings to discuss on these matters. After this we came up with changes and proceed on to development.

On the other had I worked on the project web site mainly. Though we had the documentation site at http://codex.project-eid.org/ we felt it could be better to have a blog to update our latest developments then and there. So I setup a blog using WordPress at http://blog.project-eid.org/ I also crearted usernames for each users, so that all of us can post independently. We then migrated mostly all the reports and posts from Moodle and some from our Google Docs to this blog, as appropriate.

I also did some tweeks in MediaWiki on which Codex site is running to suite more to our requirements. I also installed a custom made theme for the Codex site. (I’m thinking of porting the same theme for the blog as well in future.)

Then I setup the SVN code repocitory for the project at our site. But that is currently closed for public access due to some problems, and I’m trying to solve those currently.

Finally I also designed a nice index page for the project web site which is pure HTML and CSS, and it will be the home at http://www.project-eid.org/

We are into serious work after the vacation, and I hope things will go on smoothly in days to come.

[Work done from 18th August to 31st August 2008]

During the last two weeks we were engaged in the following tasks:

1. Completing the draft paper of the research on ‘Privacy Enhanced Data Management in eID Systems’
2. Preparing the design document
3. Finalising the system architecture

We had several group discussions and two meetings with our project supervisor. We discussed about the system architecture for the design document. Then we did the draft version of the design document and submitted that for the review of supervisor. I worked on the part of eID card design specs. We had to move from USB memory stick to Smart Cards. This is due to the privacy issues with keys. I also wrote many textual descriptions for the design document.

Doing the research paper was also interesting. But it was little hard as we have never done such before. We had several discussions on the topic, read a lot of papers in the related topics and then we collectively wrote the draft paper. We have now submitted the draft paper for review and we think the is room for many changes in that before proper publishing.

[Work done from 4th August to 17th August 2008]

During this period of two we involved in developing a prototype that could be used to demonstrate our system. But we were unable to complete that due to some misunderstandings and problems. We found most of these problems after the meeting we had with our project supervisor.

We had the meeting with project supervisor on August 15. This meeting was mainly focused on how we are progressing and what we need to do soon. (Details can be found here) The main think we found was that our system architecture was not a very complete and strong one and thus needs changes. We were with some misconception about how the system could be used in an offline mode. Specially we had to address the issues such as Privacy and Unlinkability, while providing some extend of backtracking features in a protected manner.

We found it very difficult these into our previously decided design, so we decided to have meeting with team members to discuss on these issues. As of the outcomes of these meetings, we found that our design has the ability of providing the desired amount of privacy requirements when it is running in the online mode. But we had some conflicting issues when it is running on offline mode. In terms of the eID card also we are having difficulties again when it comes to protecting privacy offline. This happens because even if we restrict access to digital data in card, we have no way so far to ristrict access to data printed on card. Thus we are still reading on this issues.

On the other hand we have the tight schedules in which we have to come up with prototypes for evaluation as suggested by our project supervisor. So we decided that we would go on making a very basic web service that could later be extended to match our needs. So Malalasena and Shayanthan are working on the prototype webservice, while I’m working with Ramanan on the system architecture design and issues related to privacy in offline and online.