Date post: | 22-Dec-2015 |
Category: |
Documents |
View: | 212 times |
Download: | 0 times |
eGovernanceUnder guidance of
Dr. P.V. Kamesam
IBM Research Lab
New Delhi
Ashish Gupta3rd YearB.Tech , Computer Science and Engg.
IIT Delhi
IntroductionDefinition of eGov
It can be defined as the civil and political conduct of government, including service provision, using information and communication technologies.
e-Gov solution
Government GovernmentTransactions
Citizens
Overview of PresentationPart 1 : Content ManagerPart 2 : Audit Trails in Distributed Databases
Intro to Content Manager
The Problem A Major challenge in eGov : Data Management
E.g. Land Records , Citizen Database etc. Content Manager : a Possible Solution
What is Content Manager ?
Content Manager (a product from IBM) is a scalable solution for storing and retrieving documents of various types.
Content ManagerBrief Overview of the features of CM
1. Lets you store content regardless of format.( Unstructured data )
E.g. text documents, scanned images, audio, video, forms any binary object
2. Stores data on distributed servers and provides single point access.
3. Provides many sophisticated features like Access control Storage management – Archiving , Purging , Migration User management Automated Workflow Enterprise wide search from Internet or intranet clients. Streaming audio and video.
The Beginners Guide to CM Provides an introduction to a layman about
Content Manager Covers essential topics of CM Relevant Figures to explain important concepts All discusses development of Client Application
for CM Useful Appendices with extra info like installation,
references etc.
Developed an easy to use CM Programming API
Benefits Makes it very easy to perform operations on
the CM Database Encapsulates the complexity of CM API Object Oriented Approach allows easy
integration into new apps Speeds up Application Development Time
Extensibility : Acts like a new layer on top of CM
New layers like Custom Access Control , Audit Layer can be added
Content Manager APIFolder Manager APILibrary Client API
SimpleCMAPI
Application
Security LayerAudit Layer
Developed a new easy to use API on top of Content Manager Programming API
A Prototype Application
Defining the problem
Proposed a prototype solution
Developed an Application in Visual C++ on top of Content Manager
Demonstrates use of our new API with additional layersWorkflow
Security Layer
Audit Layer
Inner Line Permit for VISITOR
RESIDENTSHIP
Requirements for entering Arunachal Pradesh
OR
Some Screenshots of the Application developed
Security Layer
Workflow in CM
Two databases:
•Citizen Database
•Inner Line Permit Database
Main Screen
Definition of Audit TrailAn audit trail is a series of records of computer events, about an operating system, an application, or user activities.
Purpose of Audit Trail Individual Accountability: track individual actions
to facilitate audit. Reconstructing Events: reconstruct events as and
when required. Problem Monitoring: online tools to help monitor
problems Intrusion Detection: identifying attempts to
penetrate a system and gain unauthorized access.
Audit Trails on Distributed Databases
The eGov MiddlewareData Virtualization
Isolates logical view of data storage available to the application developer from the physical placement
Data Virtualizer
TransactionCommands
Query processor and optimizer
Database Database Database Database
MIDDLEWARE
Application
Audit Trail Component : A module responsible for managing the audit trail of eGov applications across the entire system.
Problem DescriptionWhere can we place the Audit Trail Component in the eGov
Architecture ?
Possible options:1. Application2. In the Middleware , above DV Module3. In the Component Databases
Issues Involved in the Placement Security Issues
Risking security at the hands of applications Tamper proofing of Audit Trail
Implementation Issues Application Complexity Database design Complexity
Audit Trail Transparency to the application developers
Consistency of Audit Trail across the entire system Ease of Audit Policy Management
Proposed Solution
Data Virtualizer
Query processor and optimizer
Database Database Database Database
Audit Policy Database
MIDDLEWARE
TransactionCommands
Audit Trail Agent
Application
SECURITY
Further Research IssuesAudit Trail Agent Architecture
Storage of Audit Trail is an issue Distributed or Centralized ?Possible Solution:A Buffered Distributed - Centralized Architecture Amalgamation of audit trail data at the central server
• Timestamping issues to ensure correct chronological sequencing of audit trail for analysis – Time sync , which time to use
• Proper Categorization of Audit Trail data to facilitate analysis Ensuring Tamperproofing of Audit Trail for the Auditor
• Authentication of Distributed Sources• Encryption• Access Control • Secure Transmission
Audit trail management (Archiving and purging) Access Control to Audit Trail
Conclusion
Extensible API developed for Content Manager along with an application
Audit Trail Architecture in eGov
Working at IRL Team work Research Experience Responsibility
Thanks
Things Learnt Enterprise Database Technology Visual C++ / Database Interaction API Wrapper Technology Distributed Database Systems Audit Trail Technology and Middleware Tech. Security Issues in large scale databases
IIT Education• File Systems Course
• CS120 and CS130
Other Tasks Laid down a list of requirements for eGov data
management solutions A document on security issues of smart cards
Future Work
Integration of EIP with CM
Further extension of the new CM API with focus on security and audit trail layers
Development of applications for more real life scenarios
Architecture of CM
LibraryServer
Multiple Object Servers
Client
Fig: Architecture of Content Manager for a single Implementation