thailand e-government roadmap
DESCRIPTION
Nantawan Wongkachonkitti (Presented)Siriporn Pongvinyooo (Supported)TRANSCRIPT
1
Thailand eThailand e--Government Government RoadmapRoadmap
2
AgendaAgenda
• Overall the ICT Thailand status.
• The ICT Master Plan No. 2, ICT 2020.
• Thailand e-government status.
• Development of Thailand e-government.
3
ICT Indicators for Thailand on the world stageICT Indicators for Thailand on the world stage..
Source: The Economist Intelligence Unit
4
ee--readiness rankingsreadiness rankings
Source: The Economist Intelligence Unit
5
Source: WEF
NetworkedNetworked--Readiness RankingsReadiness Rankings
6
The big problem Thailand's ICT development in all the indexes. The availability of infrastructure, information Which are still inadequate and not evenly spread. To the development and utilization of ICT to the amount of knowledge. Business development services of government. Can not be effective.
ICT Indicators for Thailand on the world stageICT Indicators for Thailand on the world stage
7
Compare the proportion of people with fixed line phonesCompare the proportion of people with fixed line phones
Overview of the Thailand telecommunicationOverview of the Thailand telecommunication
Source : IMD World Competitive Year Book 2007
Unit: per 100 people
8
Overview of the Thailand telecommunicationOverview of the Thailand telecommunication
Year 2550, Thailand has Penetration Rate 2.1%, while in Malaysia.
Year 2549 , Thailand ha Penetration Rate 4.6% , in 2553 Malaysia the targets go to 7%.
High-speed InternetHigh-speed Internet
9
Structure of Broadband Internet in the worldStructure of Broadband Internet in the world
Source: Gartner (November 2008)
Broadband Internet use trends of world, regional, and Broadband Internet use trends of world, regional, and ThailandThailand
Growth 73.9 %
Growth -10.6 %
10
ท่ีมา: Gartner (November 2008)
Number of broadband and Narrowband in Thailand
Broadband Internet use trends of world, regional, and Broadband Internet use trends of world, regional, and ThailandThailand
11
source: Gartner (November 2008)
Structure of Broadband Internet in Asia Pacific
Growth -4.3 %
Growth 31.6 %
Broadband Internet use trends of world, regional, and Broadband Internet use trends of world, regional, and ThailandThailand
12
Internet Usage Growth (Internet Usage Growth (Daily Daily Page view) source: truehits.netPage view) source: truehits.net
13
Thailand ICT Master Plan 2009-2013
14
Vision of the Thailand master plan for ICT.Vision of the Thailand master plan for ICT.
Thailand is a rich intellectual society.(Smart Thailand) with ICT
Rich social intelligence "here means. Social development and use of information technology and communication wise. Using the guidelines of the sufficiency economy philosophy. People have all levels of intelligence (Smart People) and knowledge of information (Information Literacy) to access and use of
information as a critical moral and ethical literacy. Benefits to themselves and society. The management of information technology And communication with Governance (Smart Governance) to support the
development to Economic and social base of knowledge and innovation, sustainable and stable
15
Vision “SMART”
Thailand
1. To develop manpower in quality and sufficient .
2. To Develop ICT broadband infrastructure.
3. To ICT management system with Governance Governance.
ObjectivesObjectives
1. To improve the quantity and capability of manpower.
2. A Governance and management of ICT Governance in the national
3. To support the restructuring of production towards value-added products and services.
4. to make strength the community and individuals.
5. A business and industrial potential of ICT.
Vision Vision -- Mission Mission -- ObjectivesObjectives
Mission
16TargetsTargets At least 50% of people have access to knowledge and use
of ICT is critical, and literacy.
Enhance the availability of ICT in the Networked Readiness Index in the Top quartile (25%).
Proportion of industrial value-added ICT.The GDP of not less than 15%.
17
SMART Thailand
Manpower Development.(ICT Professionals and “Information-Literate” People)1
Management of ICT with good governance (Institutional arrangement, Rules and Regulation, Financing, …)
2
ICT Infrastructure development.3 Capacity of the ICT industry.5
Use ICT to support the Governance and Use ICT to support the Governance and governance in the management of public
services. 4
Use ICT to enhance the sustainable competitiveness.
(Strategic Sectors, SMEs)6
Hardware Software Communication
Development strategyDevelopment strategy
18
SMART Thailand SMART Thailand 20202020
Smart Government
Smart Agriculture
Stronger Economy
Smart Services
Social Equality
Smart HealthSmart Learning
Environmental Friendly
Smart Environment(ICT for Green &
Green ICT)
ICT Human Resources and ICT Competent Workforce ICT Infrastructure ICT Industry
ICT 2020 Framework
19
ICTICT20202020:: Key Success FactorsKey Success Factors
Smart Smart ThailandThailand
20202020
The government must communicate a clear public. ICT / Broadband as a National agenda.
Must provide the structure of the implementation status and supervise the ICT Agenda driven a clear and practical to drive must come from top management.
20
Leadership and Governance StructureLeadership and Governance Structure
Improve the composition and structure of authority of the NITC and the need to follow-up meeting at least once a quarter.
The agency of the Ministry of ICT has served as the Executive Office of Public Information (Government Chief Information Office: GCIO) is a central agency to coordinate and drive the country's ICT agenda, preparation of policy and master plan. Evaluation. Should have the flexibility to work
To agencies responsible for the strategic focus following.– National Cyber Security Agency
– Government Information Technology Services
21
Leadership and Governance StructureLeadership and Governance Structure
To the mechanism of linkages of the NITC and other national committee. The responsibilities related to some dimensions of ICT development such as
– Electronic Transaction Committee
– Commission created the National Economic Policy.
– Board of Governor of the National Telecommunications and new series will follow the law.
22
Development of Thailand e-government
23
Political will
And support
Computer and
Network
Infrastructure
Rules & Regulations
Legal InfrastructureSecurity &
Policy
Information
Infrastructure
e-Commerce
Infrastructure
HRD CIO/CEO
Program
- CIO Training
- CIO Forum
- CIO Conference
Information
in every
organization
- e-Commerce
Resource Center
- G to C
- G to B
- e-Procurement
- e-Tax
- e-Citizen
- e-Marketplaces
- Electronic Transactions Act
- Data Protection Law
- NII Law, EFT Law
- Gov Data Infrastructure
- Gov News Exchange
- Gov Data Exchange
- Gov Interoperability Standard
- PKI
- ThaiCERT
- Computer Crime Law
- Government CA Service
- Ministry of ICT
- National ICT CommitteeNational Operation
Center
- Government IT Services
- Government Information Network
- SchoolNet
Civil Servant
Attitudes
Thailand eThailand e--Government Development Beneath the IcebergGovernment Development Beneath the Iceberg
24
25
26
27
Ministry of ICT. To plan the direction of development of e-Government Year 2548-2551 (e-Government Roadmap), which set important plans in the development of management systems. And services sector of the country. To a concrete result.
Infrastructure : Infrastructure development, information technology and communications. Services : Development of public services through electronic systems. Regulation : To improve law and regulations.
Development of Thailand eDevelopment of Thailand e--governmentgovernment
28
Milestones of the
Ministry of Information and
Communication Technology is
committed to transform the
administrative process. And
government services through
modern technology. To facilitate the
public. Efficiently Quickly and
thoroughly.
E-Government.
(e-Government) is considered as a
change management system,
government system and public
service. Government policy that
secures the needs of the people at
the center (Citizen Centric).
Phase 1 by the year 2553.C-Government targets or Connected Government that links between government agencies in providing e-Services.
Phase 2-3 by the year 2554-55.The m-Government Mobile Government or the links between government agencies through mobile phones and other mobile computing devices. In providing e-Services.
Phase 4 by the year 2556 A u-Government Ubiquitous Government or the links between government agencies. Through multiple channels. In providing e-Services at any time and any time a service is 24x7.
Phase 4 by the year 2557 The T-Government Transformed Government or the government or through conversion of the definition of the United Nations. The government closer to people from all sectors. A link between government agencies. Through multiple channels. In providing e-Services at any time and any time a service is 24x7.
EE--govgov RoadmapRoadmap
29
30
Introduction to PKI and Trust Model
31
Why Do We Need PKI? Cryptography Technology Public Key Infrastructure (PKI) Certification Authority (CA) & Certificates Use of Certificates Trust Model
– Hierarchy– Cross Certification– Bridge CA– Cross Recognition– Certificate Trust List
AgendaAgenda
32
Why Do We Need PKI?Why Do We Need PKI?
Confidentiality
InternetInternet
ReceiverSender
Hello Alice Hello Alice
Intruder / Hacker
Hello Alice
Data Disclose
33
Why Do We Need PKI? (Why Do We Need PKI? (22))
I love you
Integrity
InternetInternet
ReceiverSender
I love you I hate you
Intruder / HackerI hate you
Data Alteration
34
Why Do We Need PKI? (Why Do We Need PKI? (33))
Identity in the Cyber World :
from: [email protected]
from: [email protected]
Authenticity Non-Repudiation
35
Why Do We Need PKI?(Why Do We Need PKI?(44))
4 functions are provided by PKI
ConfidentialityEnsure that nobody can get knowledge of what you transfer.
IntegrityEnsure that message has not been modified during transmission.
AuthenticationYou can verify the person you think you’re talking to.
Non-repudiationSender cannot be denied being associated with it.
36
Symmetric Key Use the same key for encryption and decryption
Buy 500 items $%c@!f4)e_&7#+ =
Encryption
Buy 500 items$%c@!f4)e_&7# + =
Decryption
The same key (Pre-shared secret)
Advantages: Disadvantages: Faster than Asymmetric Key Use for encryption
Key Management Difficulty of secure key
distribution
Cryptography Technology Cryptography Technology
37
Asymmetric Key Use different keys for encryption and decryption
Buy 500 items + =
Encryption
$%c@!f4)e_&7# Buy 500 items$%c@!f4)e_&7# + =
Decryption
Different Keys (Key Pair : Private Key & Public Key)
Advantages: Disadvantages: Systematic Key Management Use for encryption,
authenticity, integrity and non-repudiation
Slower than Symmetric Key
Cryptography Technology (Cryptography Technology (22))
38
Asymmetric Key
Private Key Kept secret. Know only to the owner.
Public Key Stored in a location that is accessible by
everyone. Don’t keep secret.
Cryptography Technology (Cryptography Technology (33))
39
Asymmetric Key Usage
EncryptionEnsure the data will be kept secret.
Digital SigningAuthorize sender and ensure Data Integrity.
Confidentiality
Integrity
Authentication
Non-repudiation
Cryptography Technology (Cryptography Technology (44))
40
Public Key Infrastructure (PKI)Public Key Infrastructure (PKI)
What is PKI? Public Key Infrastructure (PKI) is a system of
digital certificates, Certification Authorities (CA), and other registration authorities that verify and authenticate the validity of each party involved in an internet transaction.
41
Public Key Infrastructure (PKI) (Public Key Infrastructure (PKI) (22))
PKI Components
Certification Authority
RegistrationAuthority (RA)
End Entity(EE)
Repository
(CA)
42
Certification AuthorityCertification Authority
Certification Authority (CA): CA issues digital certificates for proving their identities.
Certification AuthorityMr. A
Mrs. B
CA
Secure Transaction Secure Transaction
DigitalCertificate
DigitalCertificate
DigitalCertificate
Web Server C
Web Server CMr. A Mrs. B
43
What is Certificate?What is Certificate?
Digital Certificate An object used to bind the
identity of end entity to its public key.
Contains attributes about the end entity.
Issued and digitally signed by Certification Authority (CA).
- End Entity Information
- CA’s Digital Signature
- Certificate Information
- End Entity’s Public key
44
CertificatesCertificates
Example of Certificate
45
CertificatesCertificates
Example of Certificate Types
Personal Certificate
Organizational Certificate
VPN Certificate
SSL Certificate
Code Signing Certificate
etc.
46
CertificatesCertificates
Certificate Life Cycle ManagementCertificate Life Cycle Management
Creation
- link public key to certificate- used to identify EE
Distribution
- transmitted by owner- stored in repository for later retrieval
Expiration
- certificate expired- certificate revoked (publish CRL)
- key archival- key recovery
Registration
- register to RA- verification: information of EE- certificate issuance: by CA
47
Uses of CertificateUses of Certificate
General Uses of Certificate Secure e-mail (S/MIME) Secure Document Secure Socket Layer (SSL) Time Stamp service etc.
Specific Uses of Certificate e-Tax e-Procurement e-Invoice etc.
48
Uses of Certificate (Uses of Certificate (22))
Example of PKI Applications
S/MIME Microsoft Office Outlook Mozilla Thunderbird
SSL Microsoft Internet Explorer Mozilla Firefox
Secure Document Microsoft Office
OpenOffice.org
49
Trust ModelTrust Model
HierarchyHierarchyCrossCross--CertificationCertificationBridge CABridge CACrossCross--RecognitionRecognitionCertificate Trust ListCertificate Trust List
50
The simplest approach to a PKI framework is to have a single root CA. Root CA holds all certificates; all users refer to and trust it for all transactions. Also intermediate CAs are trusted because the root CA, which certifies it, is trusted.
CA1 CA2
CA 1.1 CA 1.2 CA 2.1 CA 2.2
Root CA
Intermediate CA
End Entity Certificates
Root CA
HierarchyHierarchy
Trust ModelTrust Model
51
Hierarchy (Hierarchy (22) ) -- AnalysisAnalysis
Trust ModelTrust Model
Advantages Disadvantages
• Simply validation - Certificates can be traced back through the hierarchy for validation
• Low costs due to simplicity of system• Usually high interoperability, if standards
are followed• Uniformity – the root CA specifies policies
which bind all elements of the system – but centralized policies are not well-suited to national or multi-national deployment
• If the root CA is compromised, the entire system is affected
• The system is not well-suited to complex deployments such as international trade
• A high degree of consensus is needed at design time
• Acceptance of single authority by all users is necessary, and may be difficult to achieve (particularly in international contexts)
• The technical and administrative workload of the CA is enormous for large deployment
Reference: Galexia
52
CrossCross--CertificationCertification
Cross-Certification (CC) model is one of the several models, which a CA issues a cross-certificate for another CA in order to initiate trust to each other. So, Users can verify unknown CA by cross certify.
CA 1
CA 1.1 CA 1.2
EE1.1 EE1.2
CA 2
EE2
Cross-Certify
Intermediate CA
End Entity Certificates
Root CA
Trust ModelTrust Model
53
CrossCross--Certification : Full MeshCertification : Full Mesh
Trust ModelTrust Model
CA CA
CA
CA CA
CA
CA
CA
CA
CA CA
CA CA
CA CA
CA CA
Number of cross-certificates = n x (n-1); n = number of CAsEvery CAs need to be cross-certified by all other CAs in the network.
54
CrossCross--Certification : Partial MeshCertification : Partial Mesh
Trust ModelTrust Model
CA
CA
CA CA
CA CA
CA CA
CAs do not need to be cross-certified by all other CAs in the network.
55
CrossCross--Certification (Certification (33))
Trust ModelTrust Model
CA1 CA2
Subject: CA2 Issuer: CA1
Subject: CA1 Issuer: CA2
Certification Path:- CA1’s user receives a message from
CA2’s user.
Certification Path:- CA2’s user receives a message from
CA1’s user.
CA1
CA2 by CA1
EE2
cross-certificate CA2
CA1 by CA2
EE1.1
CA 1.1
cross-certificate
56
CrossCross--Certification (Certification (44))
Trust ModelTrust Model
Advantages Disadvantages
• No central authority means no critical point of failure
• No need for universal consensus; only between CAs as needed to form trust relationships
• High interoperability – but only if this already exist at the time of cross-certifying
• In case of many CAs are in domain, cross-certification can be expensive, and must be performed multiple times by each CA
• Poor scalability in a Full Mesh – each new CA must be compatible with CAs already in the network
• Multiple points for validation process to fail (in a Partial Mesh)
Reference: Galexia
57
Bridge CABridge CABridge CA
CA 1
CA 1.1
EE1.1
CA 1.2
EE1.2
CA 2
EE2
Trust ModelTrust Model
This model are combines aspects of both the hierarchy model and the cross-certification model. It reduces number of cross-certificates by requiring only one pair of cross-certifications for each CA.
Intermediate CAEnd Entity Certificates
Root CA
Bridge CA
Cross-CertifyCross-Certify
58
Bridge CA (Bridge CA (22))
Trust ModelTrust Model
Root CA
CA CA
Cross-Certify Cross-Certify
Cross-Certify
Bridge CA
Root CA
CA CA
Root CA
CA CA
number of cross-certificates = n x 2; n = number of CAs
59
Bridge CA (Bridge CA (33))
Trust ModelTrust Model
Certification Path:- CA1’s user receives a message from
CA2’s user.
Certification Path:- CA2’s user receives a message from
CA1’s user.
CA1 CA2
Subject: Bridge CA Issuer: CA1
Subject: Bridge CAIssuer: CA2
Bridge CA
Subject: CA1Issuer: Bridge CA
Subject: CA2Issuer: Bridge CA
CA1
Bridge CA by CA1
EE2
CA 2 by Bridge CA cross-
certificate
CA2
Bridge CA by CA2
CA 1 by Bridge CA
CA 1.1
EE 1.1
cross-certificate
60
Trust ModelTrust Model
Advantages Disadvantages
• Scalability – new CAs need only cross-certify with the bridging CA
• Interoperability – CAs cross-certify individually with bridging CA
• The validation fails if the bridge CA is compromised (although individual CAs can continue to operate on their own)
• All parties involved must recognize the validity of the bridging CA
• High workload on the bridging CA as system grows
Bridge CA (4)Bridge CA (4)
Reference: Galexia
61
CrossCross--RecognitionRecognition
Trust ModelTrust Model
Cross-recognition model (CR) is different from cross-certification models because it is recognition between users and CAs instead of recognition between CAs. So, the decision whether or not to trust a CA ultimately falls to the user.
Intermediate CA
End Entity Certificates
Root CACA 1
CA 1.1 CA 1.2
EE1.1 EE1.2
CA 2
EE2Cross-recognize
62
Trust ModelTrust Model
CA1 CA2
EE1.1 EE2
Certification Path:- CA1’s user receives a message from
CA2’s user.
Certification Path:- CA2’s user receives a message from
CA1’s user.
CA2
EE2
Install CA2’s Certificate Install CA1’s Certificate
CA1
CA 1.1
EE 1.1
CrossCross--Recognition (Recognition (22))
63
Trust ModelTrust Model
Advantages Disadvantages
• Only the certificates of the breached CA are affected
• Largely remove the need for technical compatibility between CAs, only at the application level (e.g. a user’s software must be able to process the information in a given certificate)
• Allows entirely distinct CAs into interoperation easier
• the decision whether or not to trust a CA ultimately falls to the user
• users must be better-informed than in other models because the decision to trust the certificate rests with them and not their CA
CrossCross--Recognition (3)Recognition (3)
Reference: Galexia
64
Certificate Trust ListCertificate Trust List
Trust ModelTrust Model
CA1CA2CA3…
The Certificate Trust List (CTL) is a list of CAs’ certificates from a trusted authority. The list itself is digitally signed to ensure its integrity and accuracy.
Publishing Authority
CA 1.1
EE1.1
CA 1.2
EE1.2 EE2
Intermediate CA
Certificates
Root CA
CTL Signing Entity
Digitally sign
65
Trust ModelTrust Model
CA1 CA2
EE1.1 EE2
Certification Path:- CA1’s user receives a message from
CA2’s user.
Certification Path:- CA2’s user receives a message from
CA1’s user.
Install Certificate Trust List
Publishing Authority
Install Certificate Trust List
Publishing AuthorityCTL Signing Entity
Certificate Trust List
CA1CA1.1
EE1.1
Publishing AuthorityCTL Signing Entity
Certificate Trust List
CA2EE2
Certificate Trust ListCertificate Trust List ((22))
66
Trust ModelTrust Model
Advantages Disadvantages
• High scalability• Generally low costs (but this can increase,
depending on the implementation)
• The single publisher of the trust list must be recognized by all parties
• Potential difficulties in distributing up-to-date versions of the trust list
• Single point of failure (the trust list and/or trust list authority) although individual CAs would continue to function
Certificate Trust List (3)Certificate Trust List (3)
Reference: Galexia
67
USAID
68
USAIDUSAID
69
MissionMission
The Office of U.S. Foreign Disaster Assistance (OFDA) is
the office within USAID responsible for facilitating and coordinating
U.S. Government emergency assistance overseas. As part of
USAID's Bureau for Democracy, Conflict, and Humanitarian
Assistance (DCHA), OFDA provides humanitarian assistance to save
lives, alleviate human suffering, and reduce the social and
economic impact of humanitarian emergencies worldwide.
70
Role and ResponsibilityRole and Responsibility
OFDA responds to all types of natural disasters, including earthquakes,volcanic eruptions, cyclones, floods, droughts, fires, pest infestations, anddisease outbreaks. OFDA also provides assistance when lives or livelihoodsare threatened by catastrophes such as civil conflict, acts of terrorism, orindustrial accidents. In addition to emergency assistance.
OFDA funds mitigation activities to reduce the impact of recurrent natural hazards and provides training to build local capacity for disaster management and response.
71
Type of DisastersType of Disasters
72
Early warning SystemEarly warning System
1. Establishment of Standard Operating Procedure (SOP)
2. Receiving data from inter-and international agencies
3. Data Analysis
4. Dissemination of warning message
5. Planning, coordinating, monitoring and evaluating the warning, response and mitigation process with provincial governments and Department of Disaster Prevention and Mitigation in emergency response and mitigation, and evacuation drills
Reference: National Disaster Warning Center Thailand
73
Sea Level Change Sea Level Change MeansurementMeansurement
Proposed
Deploy at 9’N 89’E in late 2006 Deploy at 4’N 90’E in early 2006
Reference: National Disaster Warning Center Thailand
74
Tsunaneter Mooring SystemTsunaneter Mooring System
75
76
ChallengesChallenges
There are many actors in disaster management system in Thailand. It is a big challenge to give an equal or suitable role to all
As Thailand is “not much” a disaster prone country, to make the disaster risk reduction on top of the National Agenda is not an easy job
The challenge will be on the shoulder of DDPM, as the National Focal Point in Disaster Management, to start the process of linking national mechanism with the AADMER
Reference: ASEAN DEFENCE ESTABLISHMENTS AND CIVIL SOCIETY ORGANISATIONS (CSOs) COOPERATION ON NON-TRADITIONAL SECURITY ( Disaster Management )
77
The Road AheadThe Road Ahead
Establishment of a national committee (or sub-committee under the National DPM Committee, that would be directly responsible for the Implementation of the Agreement
Formulation of National SOPs (Request and Offer Assistance)
Establishment of SAR team, ERAT relief teams that has the international capacity
Make the AADMER more widely known to other agencies/organizations and have more engagements from them
Others Reference: ASEAN DEFENCE ESTABLISHMENTS AND CIVIL SOCIETY ORGANISATIONS (CSOs)
COOPERATION ON NON-TRADITIONAL SECURITY ( Disaster Management )
78
78
UN roleUN role
Define the proper scale of the problem and solution.
The system must be:– Fully owned by the Indian Ocean Rim countries– Based on international multilateral cooperation– Based on the open and free exchange of data– Protect all countries in the Indian Ocean Basin– Transparent and accountable to all members
Reference: Patricio A. Bernal, Executive Secretary IOC ,The Indian Ocean Tsunami Warning System: A Progress Report.
79
79
How does it function?How does it function?
Is based on the joint operation of international networks of detection connected with national tsunami warning centres
UN governance provided under the IOC
Each nation is responsible for issuing warnings in their territory and protect its own population.
National centres must have strong links with emergency preparedness authorities (national, provincial and local)
Reference: Patricio A. Bernal, Executive Secretary IOC ,The Indian Ocean Tsunami Warning System: A Progress Report.
80
80
Where are we now?Where are we now?
A single system being planned
All countries of the Indian Ocean participate
Tsunami advisory information provided from centres in Hawaii and Tokyo.
National focal points designated in 14 nations
Governance of UN/IOC accepted in Paris
Full scope of the task recognized: multi-nation (27), multi-year (>3)
Beyond the emergency: transition to reconstruction and development phase.
Joint UN implementation: IOC,WMO,ISDR,UNDPReference:
Patricio A. Bernal, Executive Secretary IOC ,The Indian Ocean Tsunami Warning System: A Progress Report.
81
Thank you for your attentionThank you for your attention
82
Presented byPresented by
NANTAWAN
WONGKACHONKITTI