Tag Archives: Nimal

[Work done from 21st July to 3rd August 2008]

We had the first formal presentation on the 24th of July which was to on the work done up to end of June 2008. We prepared for the presentation as the group and did a demonstration of that on the 22nd to our project supervisor Dr. Chandana Gamage. He suggested us with few changes that could be done and that helped us make the presentation even better. I did the presentation on behalf of our group and we had a mixed feedback including places where we need to fast up and we were asked to come up with a demonstratable outcome before the semester end.

Next we were asked to create a project website and we created ours’s at www.project-eid.org. We are in the precess of keeping it upto date with latest updates of the project.

On 25th Friday we had meeting with Mr.Ruchith Fernando at WSO2 and his team who work on WSO2 Identity Solution. In that meeting we discussed about similarities and differences between WSO2 Identity Solution and eID project. We found that trying out WSO2 Identity Solution before proceeding on the project would be beneficial to us. So we started do that and completed installing and configuring. Malalasena is working on that.

We also decided to go with a USB Memory Stick based card and not a Smart Card. The reason for this was the cost factor and complexity. We have also decided that the USB Memory Stick can be fully read only type or partial read only where the private key can be kept. We have been experimenting with TrueCrypt (http://www.truecrypt.org/) which could be used for these purposes sometimes.

We have also divided our project responsibilities among team members and we are targeting 15th August as the next deadline for some demonstratable outcome from each member.

[Work done from 7th July to 20th July 2008]

We had a weekly discussion with our project supervisor during this period and we mainly discussed about the backed systems that we could use with our project. We learnt about the Kerberos architecture and the related Kerberos protocol that is useful in any authntication based systems.

We have devided our things to look into as the following

• Hardware – USB Smart card or USB memory stick
• PGP / CA
• WS-Identity – what we can get from this

We also got prepared for the first formal presentation during this period. We created a presentation slides for this purpose.

We will also be meeting with a person at WSO2 during next week to discuss about WS-Identity.

[Work done from 23rd June to 6th July 2008]

We had formal discussion with the team members to discuss what we have to do and what each person should take responsibility of. Me and Ramanan looked into using PKI in our system. We looked into systems like GnuPG, OpenPGP and we studied with the internet resources to understand who PKI authentication works.

We were unable to install and test with a PKI system as we didn’t have much knowledge on how that works. Also through web resources we were able to get only a limited amount of knowledge which gave us the basic idea about PKI system but not full implementation details.

We also had a weekly meeting with our project supervisor Dr. Chandana Gamage and this provided us the opportunity to discuss about our progress and problems in the project.

[Work done from 9th June to 22nd June 2008]

During the two weeks from 9th June to 22nd June 2008, project related activities our group and myself got involved were mainly related to research on different aspects of the project architecture and the hardware requirements.

PKI

As we plan to implement eID based on a PKI certificate authentication system, we had to study about PKI implementations and how we could use this for our needs. We also had to do some search and research how this could be utilized in offline authentication and other related issues.

Hardware/USB/Smart Card

The other concern we had is related to the needed hardware. The main hardware that we will be in need would be the eID ‘card’. We came up with few other alternative options than that we discussed earliear. One is a Smart Card with USB interface. Other one would a normal USB memory, but that could have a read only portion to hold the certificate/s.

System Design/Project Meetings

We also had project meetings to discuss and decide on possible project architectureas and improve on those. At most of the project meetings we had a lot of more new input from each member thus improveing on our knowledge.

[Work done up to 8th June 2008]

We started working on this project during the later part of March 2008. This was not the first project that we considered, but we had to leave out our other suggestions due to various reasons. The main reason for choosing eID as our project was the common interest shared by all the group members.

Our initial project discussions were mostly done thought only, specially emails and group IMs, as couple of our members were away home during initial couple of weeks. Before and after choosing the project topic, we had to do much reading online, specially on website related to existing Electronic ID implementations. We also referred to many research papers related to electronic identification and digital authentication. During this period we had several meeting with the project members and shared our ideas. We planned it in such a way that each member would read different papers, and at the meetings each of us would present the useful knowledge of it. This way we had the participation of all members in the process.

We also met our project supervisor Dr. Chandana Gamage couple of times to discuss our project idea while preparing the proposal. He was very much helpful to us and directed us to referring more papers and other related material. His inputs were crucial in shaping up the project idea, in terms of privacy and security aspects of the project.

Other main tasks carried out during this period:

• Preparing Project Proposal
• Preparing Requirements Specification

Preparing Project Proposal

We started by putting up some ideas from each member together. After reading about many other successful eID implementations as well as some failures, we had some idea about what features are needs and what could be avoided. We had meetings with group members to finalize our ideas. After this we prepared a draft proposal and submitted that to our project supervisor Dr. Chandana Gamage. His inputs to the proposal helped a lot in shaping up the proposal. We added more privacy and security features after these meetings. Each of our group member prepared different parts for the proposal and we put all together to make the final proposal.

Preparing Requirements Specification

After the proposal we had to do the requirements specification. For this also we had to refer many other research papers and other relavent documents. AdaptID of Belgium and FINEID of Finlad were to major sources we referred for this. Then we used collaborative methods to write the document. I contributed by writing two of the functional requirements and some of the other elements of the document, while other members contributed in writing other parts of the document.