Client: East Khasi Hills Autonomous Council, Govt of Meghalaya.
Client: East Khasi Hills Autonomous Council, Govt. of . Meghalaya. The Khasi Hills Autonomous District Council (KHADC), Meghalaya was constituted under the Sixth Schedule to the Constitution of India, with Executive, Legislative and Judicial powers In the Autonomous District of Khasi Hills there are 54 Traditional Institute locally known as Hima/Elakas which are the Administrative Units with thousands of Villages having their own administrative and judicial functions. These Units are more or less the parallel of the Panchayati Raj System prevailing in other parts of India..
Case Study Details:
East Khasi Hills Autonomous Council issued trade license to Non tribals for operating business in East Khasi Hills Region to control of trading by non tribal. There are several annexure for different trades and fees of license according to annexure type. The prime requirement of council is to conversion of existing Trading License in paper form to Card based License, a MIS to track various trade type in the region operated by non tribal’s and other reports like List of Licenses not get renewed, Total Revenue Collection etc.
Paper license was found prone to wear and tear and plastic card was not able to store all relevant information needed. Also the lack of adequate telecom infrastructure prohibits online data collection from the field to match against those stored in remote servers. The main issues are :
Gathering all Data
Storage of Data so that it can accessed fast
Retrieval of Data as an when required
Prevention of issuance duplicates Trading License.
Smart Card thus are great medium to store offline data in a chip embedded in a credit card sized plastic card. Smart card is used to store License application data, authentication of Licensee like biometric, photographs etc.
Development, Testing, Implementation, Training & Application Support in addition with the following services;
Procurement Support : Finalization of hardware like Smart Cards, Readers, Barcode, Direct to Card printer, Encoder Etc.
Recruitment Support: Recruitment of Human resource on various job roles like system admin, back office operation people, Issuance Team etc.
The system integrates internal and external management information across the organization like Outreach Plan to understand the visit report, Training module to Enroll, registration, verification, issuance of training certificate, enquiry management system to create enquiry, customer registration, fees and placement and post placement management to get the proper MIS from the System. The system will automate these activities with an integrated software application with the purpose to facilitate the flow of information between all business functions.
Highlights of the Project:
- License is Intelligent Smart Card based.
- Data is encrypted and very securely stored in Card
- Large amount of data including historical data of the licensee stored in the Card
- Easy retrieval of data through a single swipe
- Reliable authentication
- Fool-proof identification and authentication using biometrics
- A hard-copy of the certificate is also provided on tamper-proof substrate
- Customized smart card processing application software
- Stringent Quality Control at each stage of the process
SYSTEM TECHNOLOGY & DESIGN:Smart Card Operating System
We selected SCOSTA as an operating system for smart card which is the designated national standard. SCOSTA-PKI is an extended version of SCOSTA-CL which supports Public Key based cryptography. SCOSTA-PKI provides a number of cryptographic primitives like RSA, digital signature computation, user-defined access permissions for data stored on the smart card, user-defined access permissions for critical command execution, on-card certificate chain verification and Secure Messaging between card and reader. Due to these superior security implementations and multiple application support, SCOSTA-PKI is considered most suitable for this security intensive Smart Card implementation in a military environment.
The above mentioned technologies are necessary but not sufficient means of an accurate personal identification. The electronic device reading the SCOSTA-PKI based card can only assess that the card has been issued by a genuine authorized person to another genuine authorized user. The backend system can further find out that the card has not been reported lost and all the certificates held on the card are still valid and have not been revoked. Some extent of personal identification can be achieved by provision of PIN or password which can be compared with the reference PIN and password stored on the Card. However, these could have been overheard or coerced from a genuine user by a malicious third party. We also use biometric mechanisms for identification of an individual with the reference templates stored on the card.
The communication interface between the smart card and the card reader is Contact Interface. Contact smart cards have to be inserted in a slot in the reader for communication to take place. The smart card has contact pads through which it makes physical contact with the reader's interface and a physical communication circuit is established. This interface has the advantage of not being susceptible to eavesdropping.