ASIA’S FIRST MONTHLY MAGAZINE ON E-GOVERNANCE
ov
Curtain Raiser
www.egovonline.net - Asia’s Leading Portal on e-Governance VOLUME 6
ISSUE 5
ISSN 0973-161X
Rs. 75
CLOUD COMPUTING Hype or Reality?
MAY 2010
ov
SUBSCRIBE NOW ! THE FIRST ASIAN MONTHLY PRINT MAGAZINE ON e-GOVERNANCE Subscribe & be updated about latest scenario in e-Governance, egov magazine presents a ‘value for money’ subscription offer New Subscription
Renewal
Yes, I would like to receve to the following term as indicated below (D) 3 years* (36 Issues) 2 years (24 Issues) 1 years (12 Issues)
Subscription INR 2000 1500 900
Subscription USD 250 150 100
Please fill this form in CAPITAL LETTERS Name : Mr/Ms .................................................................... Organisation : ........................................................ ........................................................................................ Designation : ........................................................ Address : ................................................................................................................................................................... ...................................................................................................................................... Pin : ................................... Mob. No. : ................................................................. Phone : ............................................................................... e-mail : .................................................................. Please find enclosed Cheque/DD No.: ............................ Drawn on .......................... Dated ....................... in favour of ‘elets Technomedia Pvt. Ltd.’ payable at Delhi
ov G-4, Sector-39, Noida-201 301, India For subscription related queries contact: Tel: +91 120 2502181-85, Fax: +91 120 2500060 Email: subscription@elets.in
TERMS & CONDITIONS: Allow 3-4 weeks time for the delivery of magazine. • Please add Rs. 50 for outstation cheque. • International subscription is inclusive of postal charges. • Publisher will not be responsible for delays or non delivery of the magazine.
Subscription also available online
Get Your Magazine Today !
www.egovonline.net
ov
VOLUME 6 ISSN 0973-161X
ISSUE 5
MAY 2010
RNI NO. - UPENG/2008/25234
6
8
INTERVIEW
6
Ajay Kumar, IT Secretary, Government of Kerala
8
Vikas Arora, Group Director, Microsoft India
32
Anand Ramakrishnan, General Manager, Wipro Infotech
34
Tan Sian Lip, Vice President, Crimsonlogic PTE Ltd
36
Rajiv Chadha, Vice President, Verisign
40
Milind Tamhane, Vice President, Digilink
42
Sreeni Tripuraneni, CEO, 4G Identity Solutions
FEATURE
12
CLOUD COMPUTING: WHAT, HOW AND WHY
18
PUBLIC-PRIVATE PARTNERSHIP: THE STRATEGIC LEVER FOR e-GOVERNANCE
20
CLOUD COMPUTING FOR GOVERNMENT
40 34
42
31
PRIVATE, NOT PROPRIETARY CLOUD COMPUTING
44
7 MYTHS ABOUT IP ACCESS CONTROL TO THE DOOR
46
AADHAAR: THE UNIQUE IDENTITY NEWS
17
India News
39
Business News
49
International News
Our Social Media Presence www.twitter.com/egovonline
www.facebook.com/egovonline
egov
MAY 2010
3
ov egov is a monthly magazine providing a much needed platform to the voices of various stakeholders in the arena of e-Government, apart from being a repository of valuable information and meaningful discussion on issues of eGovernance in general, and eGovernment in particular -- both to the specialist and the generalist. Contributions to egov magazine should be in the form of articles, case studies, book reviews, event reports and news related to e-Government projects and initiatives, which are of immense value for practitioners, professionals, corporates and academicians. We would like the contributors to follow these guidelines, while submitting their
material for publication. ARTICLES / CASE STUDIES should not
exceed 2500 words. For book reviews and event report, the word limit is 800. AN ABSTRACT of the article/case study not exceeding 200 words should be submitted along with the article/case study. ALL ARTICLES / CASE STUDIES should provide proper references. Authors should give in writing stating that the work is new and has not been published in any form so far. BOOK REVIEWS should include details of the book like the title, name of the author(s), publisher, year of publication, price and number of pages and also send the cover photograph of the book in JPEG/ TIFF (resolution 300 dpi). Book reviews of
books on e-Governance related themes, published from year 2002 onwards, are preferable. In case of website, provide the URL. MANUSCRIPTS should be typed in a standard printable font (Times New Roman 12 font size, titles in bold) and submitted either through mail or post. RELEVANT FIGURES of adequate quality (300 dpi) should be submitted in JPEG/ TIFF format. A BRIEF BIO-DATA and passport size photograph(s) of the author(s) must be enclosed. ALL CONTRIBUTIONS ARE SUBJECT TO APPROVAL BY THE PUBLISHER.
Please send in your papers/articles/comments to: The Editor, egov, G-4, Sector 39, NOIDA (UP) 201 301, India. tel: +91 120 2502180-85, fax: +91 120 2500060, email: info@egovonline.net
4
www.egovonline.net
EDITORIAL
On Cloud Nine? Cloud Computing. Are we ready for it? Is our governance machinery ready for it? These were some of the questions that were on our mind when we started to plan for this issue. Not many people really know how it works, but they are using it in their everyday life. Many websites that we browse through everyday are set up on Amazon Web Services, which is Amazon’s Cloud Services offering. Using the Internet to perform computing, though does offer us cost savings with regards to computing hardware, software, infrastructure etc, but one does need to factor in the additional requirement of highspeed, always on Internet that Cloud Computing demands. Does our government have access to this? Does India have access to ‘always on’ Internet at a cost that will support and enhance e-Governance? But that’s not to say that e-Governance will not receive a boost from Cloud Computing. It most certainly will benefit all levels of our society and governance. But the infrastructure requirements will need to be in place before the full benefits of ‘The Cloud’ can be harnessed for e-Governance. In the meantime, we must also remember that Cloud Computing as a technology is at a very nascent stage but it seems very likely that it will be the next big breakthrough technology for the Internet. If we, as a nation start to focus on creating the infrastructure needs for a wider and more efficient e-Governance delivery system, then we should be able to harness this technology in a few years, by which time the technology would also have matured and be ready for deployment in a nation as varied as India. Another pertinent question about Cloud Computing is the perceived lack of privacy and data security. But that is also something that is being worked up on and going by the way technology moves; the current loopholes should be plugged soon. From the Indian point of view, what is critical is the Cloud’s demand for robust and reliable Internet connectivity and that is what we need to focus on. The need of the hour at the moment is to evaluate and understand what kind of work processes can be migrated on to the Cloud. Both the Governments and Corporates, need to make a careful evaluation of their workflow and identify the processes that can be migrated and build their own capacity to ensure that the do not inadvertently compromise on the quality of service. It is equally important to be ready for the future when Cloud Computing will come into the mainstream.
Dr. RAVI GUPTA Editor-in-Chief Ravi.Gupta@egovonline.net President: Dr. M P Narayanan | Editor-in-Chief: Dr. Ravi Gupta Editorial Team: Dr. Prachi Shirur, Dr. Rajeshree Dutta Kumar, Shipra Sharma, Divya Chawla, Sheena Joseph, Yukti Pahwa, Sangeeta Ghosh De, Subir Dey Pratap Vikram Singh, Gayatri Maheshwary, Saba Firdaus Sales & Marketing Team: Debabrata Ray (Mobile: +91-9899650692), Anaam Sharma, Arpan Dasgupta, Fahimul Haque, Bharat Kumar Jaiswal, Anuj Agarwal, Priya Saxena, Vishal Kumar (sales@elets.in) Subscription & Circulation: Astha Mittra (Mobile: +91-9810077258, subscription@elets.in), Manoj Kumar, Gunjan Singh Graphic Design Team: Bishwajeet Kumar Singh, Om Prakash Thakur, Shyam Kishore Web Development Team: Zia Salahuddin, Amit Pal, Sandhya Giri, Anil Kumar IT Team: Mukesh Sharma, Devendra Singh | Events: Vicky Kalra Editorial & Marketing Correspondence: egov - G-4 Sector 39, NOIDA 201301, India, Phone: +91 120 2502181-85, Fax: +91 120 2500060, Email: info@egovonline.net egov is published by Elets Technomedia Pvt. Ltd in technical collaboration with Centre for Science, Development and Media Studies (CSDMS). Owner, Publisher, Printer: Ravi Gupta, Printed at Vinayak Print Media, D-320, Sector - 10 Noida, U.P. and published from 710 Vasto Mahagun Manor, F-30, Sector - 50 Noida, UP Editor: Ravi Gupta
egov
MAY 2010
5
COVER INTERVIEW
Data Security through Private Clouds www.kerala.gov.in
DR. AJAY KUMAR IT SECRETARY GOVERNMENT OF KERALA
“Government is well aware of cloud and its potential. But people are just waiting to get it more matured and real. Cloud Computing has become the most exciting development and delivery alternative to arise in the new millennium. Right now, Cloud Computing is still in the early adopter phase, but will continue to move into mainstream adoption.”
6
www.egovonline.net
The idea behind Cloud Computing is instead of buying and maintaining one’s own computing hardware, one rents hard drive space, database storage and computing power from a vendor. Is Cloud Computing really this simple? For Service Providers, it is not as simple to make the services ready for you. But for a user, it can be simple. It is like renting a fully serviced flat instead of buying a home of your own. However, user has restrictions and constraints to use a flat, and also not able to alter the flat as per own convenience. If you’re using google documents, you don’t have to worry about buying umpteen licenses for word-processing software or keeping them up-to-date. You can simply create a word document using google document. What are the benefits of the Cloud Architecture? What are some of the reasons for which government agencies should adopt Cloud Computing for its applications? The cloud architecture allows to rapidly allocate and de-allocate massively scalable resources on a demand basis. It gives flexibility to choose multiple vendors that provide reliable and scalable business services, development environments, and infrastructure that can be leveraged out of the box and billed on a metered basis. The other benefits are scalability, high reliability, reduced costs due to operational efficiencies, and more rapid deployment of new business and reduce runtime and response time etc. The three major IT implementation in Government sector are IT facilitation in State Data Centre (SDC), automation of government work-flow and e-Governance projects. These three major areas required huge resources in terms of computing, networking and IT infrastructure. The State Data Centre (SDC) was set up by the Government of Kerala in Thiruvananthapuram to boost the e-Governance activities of the state for server co-location, server sharing, SAN based mass storage, mail services, web services, enterprise management system etc. Some of the major e-Governance applications hosted in the Data Centres include digital workflow system – message, pay roll and personnel management system – SPARK, common admission allotment to general education /higher education, general education –
results, treasury information system, core banking system for state bank, online VAT collection and reconciliation system, motor vehicles department, and other websites hosting. However, the actual capacity of Data Centre is underutilised, often some systems are idle, over provisioning, insufficient capacity planning and sizing. Adopting a cloud enabled Data Centre may overcome some of the above mentioned problems. Kerala Government has started a number of e-Governance project to address the services of 39 Government Departments. Personnel and Payroll Management System using SPARKService and Payroll Administrative Repository for Kerala is one example, which requires huge amount of resources during the peak period of computation. SPARK – the Payroll and Personnel Management System demands huge amount of resources during the period of payroll processing of some 500000 employees which happen during the last week of the month. Such applications may face problems of poor response time of the system due to want of resources. The application like education departmentcommon admission counseling and results requires heavy traffic only at the time of admission or result and the rest of time, the systems are idle. Pooling of resources in into large clouds in such cases will increase the utilisation of resources effectively. Aggregated IT infrastructures of cloud can also make it a lot simpler for government to maintain and support their IT. Tell us about the Cloud Computing initiatives taken in Kerala, under your IT leadership? Vide letter No. 5810/B1/09/ITD dated 12.10.2009, Government of Kerala has constituted a technical committee to examine the feasibility of setting up a Cloud Computing solution in Kerala under the Chairmanship of Secretary IT. The committee recommended to set up a pilot cloud facility in IIITMK as a research and technology development with technical support of C-DAC, Chennai. The work is now in progress. What are implementation challenges in Cloud Computing deployment, with respect to the public sector in India? Different Service Providers and Service Level Agreements (SLAs), data
privacy in public cloud, open standards and interoperability, vendor lock-in are some of challenges. Business continuity will continue to be a concern. Also for implementation, support of virtualisation in existing machines, integration with in-house IT applications, customisation, hardware and software compatibility, regulatory requirements etc. are some of the challenges. At present, major suppliers are also not readily available with an affordable cloud implementation. Government data is sensitive and private and therefore, needs to be secured. How secure is the Cloud Environment? Government may adopt for private cloud only, that to be built and managed within an enterprise only. The idea is to utilise the maximum resources in a more scalable, flexible and lower cost. With the private cloud, data can be made secured. What regulative and legal provisions need to made for securing data and information in the public cloud? Cloud Computing is still evolving as a technology and we may see it mature over the next five years or so. Securing data is more of a technical issue and researches are on progress. Any IT services or applications are not suited for a cloud. A service roadmap to identify cloud services opportunities based on business needs, value proposition, and the ability to adopt/support those services is to be identified. It is ideal to start with non-critical applications and non-sensitive data. How aware are the government departments in India about Cloud Computing? What efforts are being taken on building awareness on this issue? Government is well aware of cloud and its potential. But people are just waiting to get it more matured and real. Cloud Computing has become the most exciting development and delivery alternative to arise in the new millennium. Right now, Cloud Computing is still in the early adopter phase, but will continue to move into mainstream adoption. With its economic, green and scalable development and delivery mechanism it is a gift to organisations. \\ egov
MAY 2010
7
8
www.egovonline.net
•
•
•
•
•
•
egov
MAY 2010
9
10
www.egovonline.net
FEATURE
Cloud Computing: What, How and Why WHAT’S IN THE CLOUD? The ever-changing ecosystem of the Internet has thrown up a plethora of new technologies and terms many of which take the world by storm turning us common mortals into converts of the technology and sending many of us into a state of confusion. Cloud Computing is one such technology that has come up with the increased pervasiveness of the Internet in our personal and professional lives. Now the biggest question is, what is Cloud Computing? Ask that question and a layperson will be bombarded by a plethora of jargons which s/he has absolutely no clue about. Instead of answering the question, it pushes them into deeper confusion. This article will attempt to explain to a layperson exactly what this technology is, how it works, what are its benefits and what are the challenges and issues that need to be resolved before we are able to embrace this technology the way that we have embraced mobilephones. Lets start from scratch. What is Cloud Computing? It is a general term used to denote a set of technologies and networks that enable ‘Internet-based computing’ where shared resources, software and information are provided to computers and other devices on demand through the Internet. An even simpler way of explaining this would be, the use of the Internet to perform tasks that you would do on your computer. Cloud Computing has been called, a Service, a Platform and also an Operating System. The next few paragraphs will attempt to explain these offerings in simple terms. 12
www.egovonline.net
Cloud Computing has been called, a Service, a Platform and also an Operating System. In this article, the author has attempted to explain this new technology, its possible usage and its pros and cons in simple terms.
Cloud Computing as a Service: A very basic service that a computer provides us, is storage of photos, videos, music and movies. Saving files is also a basic services offered by Cloud Computing. A good example of this service is Flickr (www.flickr.com). Starting as a website that emphasised on sharing photos it
has now become a great place to store images that can be retrieved from any device anywhere around the world. Images and videos can be uploaded on to the website from absolutely anywhere in the world and can be seen from any device that is connected to the Internet. Users can share photos of their vacations/
parties etc without having to burn CDs or carrying flash drives. Instead, they can just email their friends the link to your Flickr album. Apart from storage and sharing, Flickr also offers data security. If you store all this data in your computer, chances are that they will be lost if your hard disk crashes unless you have gone through the cumbersome process of burning your photos and videos on CDs or saved them in flash drives. While keeping a local copy (in your hard drive, CD or flash drive) has its merits, but its also true that you are far more likely to lose all your data than Flickr losing your photos. Cloud Computing can enable much more than just act as a storage medium for files used for sharing. It can also be used for manipulating the information/files stored within it. Similar to the idea of Flickr, servers can be hired for the purpose of storing, accessing and updating/modifying large databases/ data-sets. Lets say in an organisation with different field offices, the same set of data will be available to all the offices to access and modify without each office having to modify their local copy of the database because every update is being made to
the master database that is available to everyone through ‘The Cloud.’ Cloud Computing as a Platform: The general opinion is that the web is the next operating system. But that is just a hype. Though yes it is agreed that the web will be the next big platform on to which we will move a lot of our computing requirements, but we will always need some form of a local operating system. A platform doesn’t necessarily have to an Operating System. It is just a structure on which applications are located and are run through it. A simple way to demonstrate would be that Windows, Mac OS and Linux are platforms and so is Java. All of them are used to run different applications but Java is not an Operating System. By employing Cloud Computing, the Web will become a platform. You may have heard of Google Docs, many of us must have used it too. It is a platform that runs on any browser that you may be using and requires an active Internet connection. Through Google Docs you do not need to have a word processing application installed in your computer in order to view or modify text or spreadsheet documents, making it a very good example of Cloud Computing. Another big benefit of using these online office suites is the fact that many users can collaborate in real time to work on the same document that is stored on the cloud and is available to different users on different computers at the same time.
14
www.egovonline.net
ADVANTAGES OF CLOUD COMPUTING // Always available // Highly mobile and available across platforms // Reduced upfront cost of deployment // Unlimited storage space // Increased computing power with rapid scalability as and when required // Easier workgroup collaboration in realtime // Reduced risks of data loss // Fewer maintenance issues as there is no need to install or upgrade software and hardware // Improved compatibility between Operating Systems On-cloud applications like Google Docs, Adobe Buzzword and Office 2.0 are increasingly taking over the computing space that was once the mainstay of office suites like MS Office and OpenOffice despite their limitations, which, by the way, are now becoming more and more functional and shouldn’t surprise people if they become the mainstay for word processing requirements of the connected masses. But Cloud Computing isn’t just about Office 2.0, it has, silently, moved on from an office productivity suite to create applications of all kinds, from mashups to Facebook applications to Massively
Multiplayer Online Role Playing Games. Many of us have been using the Cloud in its various manifestations without even realising it. Developments that allow these applications to store some information on your local drive make the applications available offline too. A good example of this is Gmail offline, an experimental feature of Gmail allowing users to have access to their email even when they are not connected to the Internet. Storing a copy of the emails in the local hard drive, used whenever there is no Internet connection, enables the user to have access to their emails when they are not connected to the Internet. As is evident from the examples cited in this article, Google is emerging as a major player who is turning Cloud Computing into a platform. Another very interesting service being offered through ‘The Cloud’ is a website called Picnik (www.picnik.com). Recently bought over by Google, this website offers a simple solution to the many times when people wish to make simple edits to their photos but are not conversant with advanced photo editing software like Photoshop. What’s more, Picnik is available to just about anyone using any Operating System via any web browser. The application delivers basic editing tools and special effects to a beginner and integrates with most of the popular photo-sharing sites like Facebook, Flickr, MySpace, Picasa Web Albums, Photobucket etc. Cloud as an Infrastructure: Infrastructure as a Service (IaaS) enables the delivery of the computing infrastructure as a service. No longer does a company have to purchase servers, software, data centre space or networking equipment. All this can simply be outsourced to a Cloud Infrastructure Services company that will lease out all of these as a service. This service is usually billed on a pay per use basis (amount of resources consumed) that will vary according to the level of activity at any point of time. This infrastructure is typically available ‘on demand’ and can be scaled up as and when required.
THE FLIPSIDE Just like any technology, Cloud Computing is not without its own share of disadvantages. Little is talked about them among the layperson as they are usually given a grandiose vision of Cloud Computing by the ‘Cloud Evangelists’. That does not mean that the advantages reported are incorrect, but the devil is in the details. There are quite a few issues that need to be considered before we move all our computing requirements on to ‘The Cloud.’ Cloud Computing exists on the premise that the Internet will always be robust and reliable. The reality is far from it. Its true that in most of the cities of the developed world high-speed, always on Internet is available, but in the rest of the world, even the cities of an IT powerhouse like India suffer from sporadic Internet connectivity. Not only that, uninterrupted supply of electricity is still unrealised in the country. Looking at the situation logically, if the remote server or network is not available, then the content will also be unavailable. Security is another aspect that still needs to be taken care of. In this connected world where we, often times, are unable to keep our corporate intranets secure, companies are wary about
DISADVANTAGES OF CLOUD COMPUTING // Access requires always on and high-speed Internet connectivity // Technology is still at a nascent stage // As yet unresolved security and privacy issues // Lack of industry standards and inter-operability among applications // Limited features // Users are subject to many terms and conditions // Not environmentally sustainable // What if the Cloud loses your data?
keeping their data on external servers. Derived from this, another reason for their lack of enthusiasm is that for a variey of reasons, legal and otherwise, certain companies and industries are required to keep a strict watch on their data at all times, which means, they are not
going to send that data outside the corporate firewall. Reliability of these cloud services is still a major issue. The September 2009 outage of Gmail caused a huge outcry among those who depend on Gmail as their primary email, imagine the consequences of a similar outage of the cloud services. On 15th February 2008, Amazon Web Services was struck by a temporary outage lasting about 2 hours. The outage dragged down with itself thousands of websites that rely on its hosted storage. Hit hardest by the outage were a multitude of Web2.0 startups who rely on hosted storage to keep their costs down, the badly hit sites included the micro-blogging site, Twitter and the New York Times which uses the Amazon’s Simple Storage Service (S3) to store articles from its archives. Though these things can also happen inside an enterprise but typically a company has enough redundancy equipment to ensure that a failure in its servers/data centre doesn’t bring own the entire system. Online office suites still lack many of the advanced features that are available on their offline counterparts. Despite the commonly held belief that Cloud Computing is ‘Green’, there has been no published study to support this and looking at it from a theoretical point of view, it seems to suggest that it actually consumes more power than the traditional data centre model. Despite moving to the Cloud Computing model we must not forget that the
remote servers are still consuming megawatts of power by the hour at an ever-increasing rate and not all clouds are built to the highest energy efficiency standards. Cloud Computing is criticised by privacy advocates for the fact that Cloud Services Companies can lawfully or unlawfully, monitor the communication and the stored information on the host servers. There are many questions that need to be answered when one considers moving to the ‘Cloud’. Does the user or the Cloud services company own the data? Can the host deny a user access to their own data? If the host company goes out of business, what happens to the users’ data it holds? What happens to a piece of data once a user deletes it from the Cloud, is it really irretrievable after deletion? And, most importantly from a privacy standpoint, how does the host protect the user’s data? Cloud Computing is at a very nascent stage of development around the world and it is too early to take a stand about its utility as of now, especially in the context of the developing world where high-speed, always on Internet is not yet accessible to all. One should ideally adopt a position of ‘wait and watch’ before moving critical government/corporate work processes on to the cloud until these issues are resolved and Cloud Computing emerges as a robust and reliable system. \\ -Subir Dey subir@csdms.in egov
MAY 2010
15
Don't be left behind
Associate with Us Subscribe to read right • Advertise to reach right • Exhibit to partner right • Participate to meet right
Media Partner
ov Contact: Debabrata Ray, Mobile.: +91-9899650692, Email: debabrata@elets.in G-4, Sector-39, Noida- 201301, India, Tel: +91 120 2502181-85, Fax: +91 120 2500060
NEWS
INDIA
‘e-DISHA’: ONLINE TRANSPORT SYSTEM LAUNCHED BY ORISSA The online transport system is launched in Orissa to help people make their motor vehicle tax and fees anytime anywhere without running to the Regional Transport Offices. Orissa is the first state in India to introduce online services for three separate facilities. e-DISHA would provide three facilities like, online payment of tax and fee, web-based application, issuance of vehicle permits, appointment system for learners’ license and anywhere anytime application. The new system would also help eliminate middlemen, thereby increasing efficiency and maintaining transparency.
e-GOVERNANCE SOCIETY ESTABLISHED IN PUDUCHERRY An e-Governance society as part of implementing Information Technology Policy has been launched by Puducherry Government. A MoU has been signed with Chennai based Information Community Technology ( I C T ) Academy, a consortium of the Union IT Ministry, Tamil Nadu Government and Confederation of Indian Industry (CII). Employees of Puducherry government and IT professionals would also be trained in Information Security and system administration.
MOBILE BANKING FROM JULY IN RURAL AREAS
Banks have been advised by the Government to start mobile banking services in rural areas by July 31,2010 and complete the rollout by the end of next year. People will be able to withdraw cash and transfer funds using their mobile phones in rural areas. After the implementation of the scheme, people in far flung areas would be able to operate no-frills mobile-linked account to withdraw cash, deposit money, balance enquiry, transfer of money from one to another. This will also facilitate transfer of funds of various government schemes like NREGS, to a mobile linked account.
A significant feature of the proposed framework is that funds remain within the banking system throughout the process flow and the intermediary does not have custody of the funds even momentarily.
COPS IN HARYANA TO GET LAPTOPS A National Level Crime and Criminal Tracking Network System (CCTNS) project will soon be started at Madhuban, Haryana. The constables of Haryana Police would be provided with laptops, within the next three years, to enable them to keep track of activities of criminal gangs and exchange information with forces in other states. With the help of this system, the police will be able to not only to get information regarding dreaded criminal gangs active in the state and country, but also exchange all the information regarding their arrest. To achieve this objective a cyber lab was being established at Madhuban by NASSCOM. Giving priority to eGovernance, the Haryana Police had also got prepared a software called Human Resource Management System to provide online all kinds of information, such as individual, departmental and professional abilities of all police personnel from the rank of DGP to that of Constable.The Haryana Police had become first force in the country, where each constable has to undergo completely transparent online examination for the promotion to the post of Head Constable.
BEGGAR HOMES IN DELHI GETS BIOMETRIC MACHINES Sewa Kutir Complex, a beggar home, in Kingsway Camp area of New Delhi, has got biometric machines. The step has been taken in view of the beggars often changing their names to hoodwink anti-begging teams by posing as first-
time offenders. The machine will also update and consolidate the record of apprehended beggars and maintain a dossier of each arrested beggar. With an estimated 60,000 beggars, most of who go about their business at traffic intersections and religious places, the Delhi government is geared to tackle the problem by taking action under the antibegging law as well as by implementing rehabilitory measures.
NATIONAL LEVEL AWARDS FOR CHANDIGARH FOR e-GOVERNANCE In a major achievement, the Department of Information Technology, Chandigarh Administration and National Informatics Centre, Union Territory have been awarded three national-level Web-Ratna awards for the year 2009, at New Delhi, on April 19, 2010. The awards were constituted by the Ministry of Communications and Information Technology, Government of India for the first time, to acknowledge the exemplary initiatives and practices of various states or UTs in the field of e-Governance. The criteria followed included overall quality and quantity of web-based initiatives, spectrum of sectors and departments having a good web presence and level of responsiveness towards web-based queries, including usability and accessibility by citizens. For Chandigarh, the three awards were received by Sanjay Kumar, Finance Secretary under National Portal Coordinator category (Golden Icon); Manjit Singh Brar, Director-Information Technology; Jagjit Singh, Systems Manager, IT for Comprehensive Web Presence Category (Silver Icon); Ajay Rampal, State Informatics Officer and Vivek Verma, Technical Director from NIC, UT under NIC Coordinator for National Portal of India category (Silver Icon) for providing technical expert.
egov
MAY 2010
17
INDUSTRY PERSPECTIVE
the Strategic Lever for e-Governance www.cisco.com
CISCO SYSTEMS INDIA
Governments, across the world, are under pressure to deliver services to citizens effectively and efficiently. IT systems are a critical foundation as governments seek to be more connected to citizens, businesses and partner agencies. In the words of Sandeep Raina, Senior VP - Government and Defence, Cisco India & SAARC, “In eGovernance, the whole infrastructure is electronic, data resides in one place and network moves the data around. This electronic infrastructure will ensure that citizen services are delivered seamlessly and cohesively.” But the Government cannot build this electronic infrastructure alone. Solutions enabled by partnerships between government agencies and private companies are key to successful eGovernance implementation. COMPLEMENTARY STRENGTHS Shankar Aggarwal, Joint Secretary, Department of Information and Technology (DIT), Government of India explains the advantages of this powerful partnership, “There are delays and unmet goals in projects envisioned and implemented by the government due to lack of financial resources. The private sector brings these resources. Government provides the much needed sustainability and
scalability. Also, efficiency takes a back seat in purely government run initiatives because of rules and regulations. Private participation brings efficiency along with funding.” Naresh Wadhwa, President and Country Head, Cisco India and SAARC, feels that Public Private Partnerships are the key to ensure e- Governance
“The common man in distant villages will be benefitted as he would access all citizen services available in a city. And, for this vision to be realized, huge investments are required, that are not possible for the government to deploy alone, without private participation.” Naresh Wadhwa President and Country Head, Cisco India and SAARC 18
www.egovonline.net
spreads wide, to the nook and corners of the country. “The common man in distant villages will be benefitted as he would access all citizen services available in a city. And, for this vision to be realized, huge investments are required, that are not possible for the government to deploy alone, without private participation.” SOME SUCCESS STORIES IN 3 PS (PUBLIC PRIVATE PARTNERSHIP) The National e-Governance Plan (NeGP)’s vision is to extend affordable citizen services to all Indian citizens, including those in distant villages. Private involvement has a role to play in all components of NeGP, be it creating infrastructure, delivering services in the form of mission mode projects or creating awareness.
The e-Forms The T e F rm application pp pplic ttio project pr j ct which hi h combines ombbin s state t t portal, po t l state state service s r i e delivery d lliv ryy gateway ga g tew y and nd electronic l c r n c form, form f rm aims a ms to t create r a e an a integrated n e r t d information i f rma on infrastructure nf a ru t r that h t will wi enhance n n e the t e utility u i t and nd reach r a h of citizen t z n services s r i e through h o gh Common Comm n Service S v c Centres e r (CSCs) CSC ) bbyy leveraging lev l r gingg the th he common omm n infrastructure infr f str ctu e of of SWAN WAN N and ndd SDC at at the th h State Stt t level. le el With W t this, thi hs citizens t z ns can an access a c s the t e services s r i e under un er a single i g e interface i t r a e mechanism me h n sm from f om the t e portal. portal p ra
CREATING INFRASTRUCTURE– SWANS AND SDCS The Implementation of State Wide Area Network (SWAN) and State Data Centres (SDC) is the foundation for connected administration, paving the way for e-Districts. Cisco is working closely with the government, in association with HCL Comnet, Wipro, TCS and UTL for SWAN roll outs. In fact, more than 70 per cent of the SWAN roll-outs currently underway are being deployed with Cisco tecnology. A case in point is in the state of Uttar Pradesh. S.B Singh, DDG-NIC, Uttar Pradesh details the impressive statistics, “We have created State Wide Area Network in 70 districts and 243 tehsils. All administrative officers are connected with this network.” DELIVERY OF G2C SERVICES (GOVERNMENT TO CITIZEN SERVICES) Income Tax payment online is a visible outcome of electronic delivery of services. Another initiative is the Unreserved Ticketing Solution (UTS) that Cisco is working on for Indian Railways. Technology expertise is taking the
success of e-Governance to the next level in Panchdeep, implemented for the Employee State Insurance Corporation (ESIC) by Cisco. Explains Sandeep Raina, Sr. VP - Government and Defence, Cisco India & SAARC, “Through Panchdeep, an employee gets comprehensive health care through one card. It is a single window for healthcare services.” S.K. Garg, Director- Employee State Insurance Corporation expands on the technology background of Panchdeep, “Of the five components of Panchdeep, Milap is the backbone – 2200 offices connected by LAN and WAN.” e-FORMS – ANOTHER JEWEL IN THE PPP CROWN The e-Forms application project which combines state portal, state service delivery gateway and electronic form, aims to create an integrated information infrastructure that will enhance the utility and reach of citizen services through Common Service Centres (CSCs) by leveraging the common infrastructure of SWAN and SDC at the State level. With this, citizens can access the services under a single interface mechanism from the portal. The success of e-Forms depends on SWAN, State Data Centres
“Through Panchdeep, an employee gets comprehensive health care through one card. It is a single window for healthcare services.”
Sandeep Raina Senior VP, Government and Defence Cisco India and SAARC
(SDC) and CSC; Cisco has played a major role in building each of these pillar projects. With the projects nearing completion, e-Forms will soon be a reality in India. An illustration of knowledge sharing by private players is the Public Sector Roundtables on e-Forms convened by Cisco. Experts from Austria were invited to share best practices from similar implementations in their country. These knowledge exchange sessions were appreciated by key participants from the central and state governments. THE ENABLING FORCE OF TECHNOLOGY In the march of modern India towards greater heights, delivering government services at citizens’ doorsteps is a critical milestone. And technology is the backbone in this endeavor. Given the private sector’s vast global experience in implementing technology, public - private partnerships are a critical factor in rolling out e-governance projects, quickly and successfully. Prakash Kumar, Sr. Vice President, Public Sector, Internet Business Solutions Group (IBSG - Cisco’s global strategic consulting arm that helps Fortune 500 companies and leading public organisations across the world) explains this dimension, “Private companies have the advantage of having experienced similar scenarios elsewhere in the world. They can hence anticipate the probable roadblocks in implementation.” Public Private Partnerships deliver benefits to both parties. While the government gets access to ideas and technology, the private sectors tastes the benefits of the scale that only governments can provide. A true win-win all the way. \\
egov
MAY 2010
19
PERSPECTIVE
Government There is a lot of buzz in the media about ‘Cloud Computing’ and how it will – or is, dependent on your viewpoint – transforming large scale enterprise systems in the private sector. The Cloud, like so many concepts is not entirely new, but rather a confluence of existing and new technologies. An excellent primer was published last year by the School of Electrical Engineering and Computer Sciences, UC at Berkeley, (see http://www.eecs.berkeley.edu/Pubs/ TechRpts/2009/EECS-2009-28.pdf ) but as with any academic report it, can get ‘a bit complex’, so here I would like to address a somewhat simplified outline of Cloud Computing and its application to government. Before we can address what it may do, we really need to understand what Cloud Computing is all about, after all we have the Internet, isn’t that the Cloud? SAP for example, has described the Cloud simply as the ‘Future Internet’. The CEO of Oracle says that Cloud Computing is just ‘a redefinition of what his company already does’, while Open Source advocate, Richard Stallman cautions about proprietary IP concerns via the cloud. So it’s not quite so simple. The elements of the Cloud have been gathering for a while; the long held dream of computing as an ‘on demand - always available ‘ service, is a promise that like electricity, you turn it on and turn it off and get charged for your exact consumption. A neat idea after all we don’t all own a power station (yet – but personal solar is gaining in many countries) but we want ubiquitous, reliable and overall, cheap power. Dr. Peter Mell and Tim Grance at NIST1 have defined Cloud Computing as comprising five distinct components; On-demand Self-Service: A consumer can unilaterally provision computing capabilities, such as server time and 20
www.egovonline.net
network storage, as needed automatically without requiring human interaction with each service’s provider. Broad Network Access: Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, laptops, and PDAs). Resource Pooling: The provider’s computing resources are pooled to serve multiple consumers using a multitenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacentre). Examples of resources include storage, processing, memory, network bandwidth, and virtual machines. Rapid Elasticity: Capabilities can be rapidly and elastically provisioned, in some cases automatically, to quickly scale out and rapidly released to quickly scale in. To the consumer, the capabilities available for provisioning often appear to
MICHAEL MUDD
be unlimited and can be purchased in any quantity at any time. Measured Service: Cloud systems automatically control and optimise resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported providing transparency for both the provider and consumer of the utilised service. Grid Computing, as promised by major vendors including Oracle, was to enable the linking of mainframes/servers with essentially dumb clients to centralise processing and storage, and was thus component one and two of the above. This was initially on dedicated hard connections and really was a combination of applications and storage, with usually ownership of apps and storage being with the same vendor. However, the difference with the Cloud is the ownership of the disparate parts and the application of ‘on demand computing’ to the equation, via the ubiquity of the high-speed Internet. The Cloud addresses the sort of problems that plagues, for example, public transport
systems; one of matching capacity with demand at any particular point in time. In order to cater for peak hour demand – the rush hour – transit systems typically have to own a greater number of buses, trains, etc than they actually need for their overall 24 hour traffic load; they can scale but don’t have elasticity to manage demand any other way. Ideally their infrastructure would evenly run at 100% capacity over a full 24 hour period. This however is not practical, hence overcapacity/underutilisation of their investment leading to an increased fixed capital base that has to be paid for by the public and amortized to recoup costs. With information processing however, this may be addressed differently by using a now common, underlying ‘on demand’ infrastructure – broadband or high-speed Internet – which may be used by multiple customers - both private sector and public, simultaneously in a multi-tenanted environment that is infinitely scalable. Each user accesses applications and storage either directly (Private Cloud) or through a hosted contract with a vendor (or vendors) and uses applications on a utility model, sometimes called Software as a Service (SaaS). Examples of this are SalesForce.com whereby not only users, but usage is charged on a distinct unit basis. In the non IT world, NetJets provides a similar service for the use of private aircraft; the use of the asset but not the ownership based on a time/usage billing system. The Cloud therefore is the realization of the past promise of Grid computing being delivered as a reliable, scalable business - but focuses on tasks and outcomes rather than raw number crunching, that may be used by IT consumers seamlessly in the same manner as desktop or server computing. The objective being the user cannot differentiate but just runs their business as usual without the ownership costs of the apps and storage.
etc on a regular basis. There are many cases where this has been a significant issue in the real world From a software security perspective, typically, firewalls and software security in the current environment is imperfect and often inventories of hardware and software are not kept up to date and with mergers and acquisitions in the private sector and department consolidation and shared services in the Public, that means that software security is a moving feast and again imperfect. One basic characteristic of Cloud Computing is that the storage is taken off the client premises; the responsibility for security is something that is down to the cloud service provider. By taking storage off client premises this reduces the opportunity for both physical loss of data, and since the data is stored in the cloud it can always be found. For example, loss of a laptop may involve loosing non-backed up data; a Cloud service means that does not happen (depending on the specification of the service). Thus, risk may be better managed using a cloud service. VENDORS COLLABORATING Collaboration between vendors is further enabling the elasticity of the underlying infrastructure. Recently IBM and Juniper Networks announced a means of sharing and migrating workloads over private and public Clouds enabling customer’s existing data centres to seamlessly interact with the public Internet, using a hardware-based approach based around any-to-any
(multipoint) connectivity in conjunction to a Multi-Protocol Label Switching (MPLS) data-carrying mechanism. However, such collaboration may lead to interoperability issues unless standards are agreed upon and the resulting API’s made available under a RAND or royalty free basis. Microsoft’s recently announced Azure platform is a set of initiatives that enables applications to be accessed and delivered that reside in the Cloud in combination with an enterprise’s current local systems. It is currently under test by early adopters. Such a hybrid may have application with government legacy systems. TAKE UP IN ASIA According to a recent IDC survey of IT executives in the Asia-Pacific region, 41 percent said they were using or evaluating Cloud based services such as SaaS, but 17 percent said there were currently insufficient Cloud services to make the platform a compelling option. More than 50 percent of respondents using such services said cost cutting was the main reason behind their adoption of Cloud Computing so they could reduce their fixed infrastructure costs. Another research firm, Gartner also noted that the absence of any license costs in advance for SaaS apps may be attractive, but total cost of ownership may be more expensive over time since the costs are usually constant throughout the product’s lifecycle. Globally, a consultancy, Avanade, surveyed 500 U S based C-level executives and reported concerns around
THE ISSUE OF SECURITY It is important to note that from an OCA perspective, the Cloud can increase overall security since Cloud is an improvement on the status quo. The current position in many environments is one of weak internal physical security controls and people regularly leave security doors open, loose USB sticks, disks, handbags, cell phones, laptops egov
MAY 2010
21
Cloud Computing that included security and loss of control, then the challenges of integration with legacy systems, high ongoing costs and poor support. However, they did recognize that the Cloud presented an opportunity for lower upfront costs and ongoing costs, but in the current economic downturn of the business cycle, were not embracing it; only 27% who were currently using Cloud Computing said that they would increase usage in 2009. Another issue is availability, which is dependent on the physical Internet structure and its addressing systems, in particular as we move over from IPV4 to IPV6, as well as the reliability of the service providers of the SAAS apps. The well publicised failure of Google’s Gmail system for two-and-a-half hours on February 24 has focused attention on availability/reliability issues. ISSUES SPECIFIC TO GOVERNMENT Apart from the forgoing, which is applicable to both the private and public
sector, government has additional demands in that its IT systems are part of the ultimate cultural history of the nation. In addition, government has to interact with both citizens and business in formats and protocols that do not overly add an additional burden or expense. So with respect to storage capability, it is probable that for critical lifelong data storage, that government will continue to manage their own data centres for essential records; land titles, court records, census and statistics, possibly medical and pension data, in general. However, some functions such as payroll and HR (or pensions) may be managed using Cloud-based SaaS systems, as well as non critical (read Defence and Diplomatic) communications systems, such as hosted email services. Privacy and security are no more or less of a concern with the Cloud that with any other distributed data system, however an additional layer of security may be required for certain data such as medical records in the Cloud to gain public trust and acceptance in the near term. In conclusion, like the technologies
that came before it, Cloud Computing is a confluence of innovations that will over time penetrate every aspect of both public and private life, just as the Internet has. Governments need to actively monitor the collection of technologies that make up the Cloud; pilot and evaluate ,do the math and then migrate services as appropriate. \\
MICHAEL MUDD
Mike Mudd (mmudd@ opencomputingalliance.org) is the Chief Representative of the Open Computing Alliance in the Asia –Pacific region, based in Hong Kong. The OCA seeks to encourage productivity, growth and employment through new opportunities arising from distributed and networked computing. (www. opencomputingalliance.org)
REFERENCE: http://csrc.nist.gov/groups/SNS/cloud-computing/cloud-def-v15.doc
TCS SOLUTION WINS PLATINUM ICON AWARD IN THE INNOVATIVE USE OF TECHNOLOGY CATEGORY Tata Consultancy Services (TCS), a leading IT services, business solutions and outsourcing firm, has won the Platinum Icon Award for Innovative Use of Technology, the highest award in the category, at the Web Ratna Awards, 2009, for developing the Tsunami Early Warning System (TEWS) for Indian National Center for Ocean Information (INCOIS). The Web Ratna Awards have been instituted under the ambit of the National Portal of India (http://www.india.gov.in) to promote innovative e-governance initiatives and to give due recognition to the exemplary efforts in this direction. The Tsunami Early Warning System was envisioned as a National Importance E-governance Project by the Ministry of Earth Sciences, Government of India after the 2004 Tsunami disaster. TCS was chosen to develop and implement the TEWS for INCOIS as part of the National Tsunami Early Warning Centre at Hyderabad. A first-of-its-kind implementation in the Indian Ocean Region using state-of-the-art IT and geospatial technologies, the solution provides real-time seismic data to INCOIS scientists helping them detect, assess and monitor Tsunamigenic earthquakes and issue Tsunami alerts. TCS leveraged its quality framework and project management methodologies and experience in designing geospatial solutions to operationalise the system in a record time of eleven months. Dr Satheesh C Shenoy, Director, INCOIS said, “The award is a recognition of our endeavour to leverage the benefits of technology to mitigate potential treat to life and property from Tsunami in the Indian Ocean to nearly 400 million people of our population.” He further added, “The system has proved to be extremely effective in the wake of several high magnitude undersea earthquakes in the Indian Ocean region. We have successfully used the TEWS to validate several earthquakes since inception in October 2007 including the most recent earthquake in April 2010 off southern Sumatra.” INCOIS was able to validate the April 2010 earthquake within 10 minutes and issue Tsunami alerts for Andaman and a Tsunami watch for main land in the next 20 minutes. Tanmoy Chakrabarty, Vice President & Head, Government ISU, TCS said, “As the largest IT-company in India, TCS has always focused on using its core competencies to drive large-scale societal impact and transformation. The Tsunami Early Warning System for India is a robust and versatile solution that can also be leveraged by all countries that are prone to threats from Tsunamigenic earthquakes.
22
www.egovonline.net
Organisers
Co-organisers
Host State Partner Country Partner
I am happy to know that Hyderabad is hosting the sixth edition of e-INDIA 2010, Indias largest ICT event. The Andhra Pradesh Government which has taken up several path breaking initiatives in ICT, e-Governance, e-Education, e-Health, e-Agriculture and related fields is glad to be the host of this prestigious event. Andhra Pradesh has emerged as a preferred destination for knowledge-driven and high-value investments. Hyderabad, capital city of Andhra Pradesh offers immense potential for IT companies in terms of its advance business infrastructure and best IT & ITES practices, highly skilled workforce, and supportive Government policies. On behalf of the Government of Andhra Pradesh, I welcome you all to e-India 2010 and wish the event all success.
eINDIA 2005
eINDIA 2006
K Rosaiah Chief Minister, Andhra Pradesh
In serving its citizens, Government of Andhra Pradesh has embarked on practicing e-Government and leveraging the tools of Information & Communication Technology. Hosting of eINDIA 2010 in Hyderabad symbolises the government’s commitment of achieving the goal of citizen centric, clean and good governance. eINDIA witnesses partici pation from government, international developmental agencies and the service providers in e-Governance. Exhibition at eINDIA 2010 will facilitate synchronisation of demand and supply in terms of adoption of right technology and processes towards enabling e-Governance. To maintain the pace of growth and consistent progress in this sector, eINDIA would go a long way.
eINDIA 2007
eINDIA 2008
Komathireddy Venkat Reddy Minister for Information Technology, Communications, Youth Services and Sports, Government of Andhra Pradesh
eINDIA 2009
eINDIA 2010, the sixth annual ICT forum in India aims to render active conferencing, networking and showcasing while organising six seminal tracks on egov, Digital Learning, eHealth, eAgriculture and Telecentre Forum. As an international event, the eINDIA 2010 Conference and Exhibition aims to bring together 2000 high level representatives of the Information and Communication Technology (ICT) industry, government, civil society, academia and private sector from all across the globe to share the best practices and digital opportunities for development. The presence at the Conference, besides other benefits, offers a perfect platform for establishing and fostering high level networking contacts with leading representatives of the world’s ICT sector in government, education, health, agriculture, rural development and urban governance.
Conference Objectives Provide a collaborative forum to participants to share knowledge and ideas enabling them to develop cross-sectoral contacts and partnerships. Establish a comprehensive picture on the impact of ICT available from national and international experience sharing. Give a reference framework for describing impact, looking at approaches and methods currently used in the ICT sector and their suitability. Synthesise the main results of the experience sharing and progress made in recent years to provide a baseline for discussion on the findings with policy makers, professionals and community of practices. Highlight barriers of ICT integration in India and for other countries as well. Give policy recommendations on the basis of the evidence available in order to create favourable framework conditions for effective ICT integration as well as future fields of actions at national and international level. Identify gaps engagements.
in
current
research
The application of ICT has a profound impact on the efficiency, responsiveness and accountability of the government, thereby, on the quality of life and productivity of citizens and businesses. egov 2010 will provide a platform for policymakers, industry leaders, academicians and e-Governance architects to discuss and share the achievements, challenges and lessons learnt in implementing e-Governance in India. With the aim of promoting the use of ICT in education, digital LEARNING 2010 track focuses on the current trends, perspectives, research, discussions and initiatives in the field. digital LEARNING 2010 invites all of you to be a part of this ‘Larger than Life’ event, to participate, discuss, be heard and make a difference to the education sector. Modern ICTs are revolutionising healthcare systems, by transforming health administration, service delivery and care management. eHEALTH India 2010 – the most definitive Indian event on healthcare ICTs, technologies and applications will bring together the entire community of health IT for active conferencing and networking. ICTs can enable the biggest entrepreneur community i.e., farmers to deliver their best and consequently build a stronger nation and economy. eAgriculture 2010 will share ideas and find ways through which current agricultural practices can be made more efficient with the help of ICT tools. Of the numerous efforts at making ICT a tool for socioeconomic development telecentres have been playing a dominant role. This forum will act as a platform to share experiences in order to come up with tangible solutions to the issues raised. The conference would educate policy makers, municipal officials and citizens about how IT can make the functioning of municipalities smooth and speedy. The event provides a unique platform to understand and debate strategies to arm municipalities with IT, challenges that might arise and the advantages that people can get.
eINDIA has been an excellent platform for bringing together stakeholders to exchange ideas and to get to know the possibilities of new innovations that have come into the field of technology. eINDIA has made the entire process very exciting, and I must compliment that every time I have attended the event, I discovered newer and better innovations. It is an insightful and learning experience and will be a good eye opener for those who are not aware of these ICT trends. eINDIA has been instrumental in bringing together potential partners, not just in the ICT in education field but also those in the health, governance and telecentre domains. It has helped support the fact that technology can extend developmental opportunities and facilitate the teaching process further. D Purandeswari Minister of State, Higher Education, Ministry of Human Resource Development, Government of India
CURTAIN RAISER
Conceptualising the future developmental agenda eINDIA 2010, India’s Largest ICT event, is going to be organised from 4th to 6th of August, 2010 at Hyderabad International Convention Centre, Hyderabad, India, by the Centre for Science, Development and Media Studies (CSDMS) and Elets Technomedia Pvt Ltd. The event has the Ministry of Communications and Information Technology as its co-organiser along with Directorate General of Employment & Training (DGET), Ministry of Labour & Employment, Government of India and National eGovernance Plan. The host state partner for the event is the IT & Communication Department, Government of Andhra Pradesh, while the country partner for the event is Sri Lanka. The event is said to be a unique platform for disseminating and sharing of knowledge across verticals in the domain of ICT for Development and facilitates multi-stakeholder partnerships, bringing together the central and state governments, industry, academia and civil society organisations of different countries, including the host country - India.
The launch and the curtain raiser of eINDIA 2010 took place in New Delhi at The Claridges, on April, 9, 2010. The event was formally launched by eminent personalities which was followed by a Power Panel discussion, titled ‘Digital India in the Making - Opportunities and Challenges’ by the dignitaries. The keynote address was delivered by R. Chandrashekhar, Secretary, Department of Information Technology, Ministry of Communications & Information Technology, Government of India. He spoke about many issues including scaling up of many Indian sectors, about transformations taking place in field of web technology and issues related to Web2.0. He informed the participants that eINDIA has grown in its magnitude and scale since its inception and congratulated the organisers for the same. He spoke about the need for convergence of different domains of governance, health and education in the second phase of e-Governance, going on currently. The other panelists at the session included Dr R S Sharma, Director General, Unique Identification Authority of India (UIDAI); Savitur Prasad, Secretary IT, Government of NCT of Delhi; Dr R Sreedhar, Director, Commonwealth of Learning; S Reghunathan, Former Member, National Knowledge Commission; and Prof V N Rajasekharan Pillai, Vice Chancellor, Indira Gandhi National Open University. eINDIA 2010 has been conceptualised with the composition of seminal conferences on the emerging application domains of ICT for Development in eGovernance, ICT in Education, ICT enabled
Left to Right: Dr Ravi Gupta, Prof V N Rajasekharan Pillai, S Reghunathan, R Chandrashekhar, R S Sharma, Dr R Sreedhar, Savitur Prasad and Dr MP Narayanan at the Curtain Raiser of eINDIA 2010
Health services, ICT in Agriculture, ICT in Rural development and ICT in Urban Governance. There will be six conferences on eGov, digital LEARNING, eHealth, eAgriculture, Indian Telecentre Forum and Municipal IT in the event.
eINDIA 2009 AWARD WINNERS
Watch Out For
Dr Ahmed Mouhmed Tobal
Education Project, Ministry of State for Administrative Development, Egypt
B S Ganesh Babu
Senior Manager-IT & Systems, Aravind Eye Care System
Ahmed Eisa
Chairman, GDCO Sudan
Babu Ahmed
CEO, Aarogyasri Healthcare Trust
Amitabh Tripathi
Deputy Controller General of Accounts, New Delhi
Balaji Utla CEO, HMRI
Recognising excellence in ICT eINDIA Awards are the premier accolades given to innovative endeavours made in assimilating technology in developmental concerns. Nominations for eINDIA 2010 awards are invited for the following six categories from individual participants, government organisations, non-governmental organisations (NGOs), private institutions and enterprise who have transformed social development opportunities into a sustainable social enterprises through innovative use of ICTs.
Digital Learning
Capt Dilip Mahajan Deputy Commissioner Ahmedabad Municipal Corporation
Dipankar Sengupta
Technical Director, Office of Controller General of Accounts, National Informatics Centre
Dr Karanvir Singh
Consultant Surgeon, Sir Ganga Ram Hospital, New Delhi
ICT Enabled School of the Year ICT Enabled University/Higher Education Institute of the Year ICT Enabled Business School of the Year ICT Enabled Engineering College of the Year Skill Development Initiative of the Year Open and Distance Learning Initiative of the Year
eGov Prof K R Srivathsan Former Director, Kissan Kerala (IITM-K)
Laxminarayan
Group General Manager, SCZ, IRCTC
Manish Bharadwaj
Director, Census Operations, Gujarat
Government to Citizens (G2C) Initiative of the Year Government to Business (G2B) Initiative of the Year Government to Government (G2G) Initiative of the Year mGovernance Initiative of the Year ICT Enabled PSU of the Year ICT in Financial Inclusion Initiative of the year
eHealth Mukesh Hajela
CEO & Vice Chairman, NICT-INDORE
Dr Neeta Shah
Director, Gujarat Informatics Ltd.
Neeta Verma
HOD, Data Centre & Web Services Division, National Informatics Centre, Delhi
ICT Enabled Hospital of the Year Government Policy Initiative of the Year Civil Society/ Development Agency Initiative of the Year ICT Enabled Diagnostic Service Provider of the Year Health Insurance Initiative of the Year
eAgriculture ICT Enabled Agriculture Initiative of the Year Niranjan Meegammana Managing Director, e-Fusion, Sri Lanka
Dr Rathan Kelkar
Director IT, Kerala IT Mission, Government of Kerala
R K Kapoor
Dean of ICT, Scindia School
Municipal IT ICT Enabled Municipal Initiative of the Year
Telecentre Innovative Grassroots Telecentre Initiave of the Year
Dr R C Patnaik
Chief Medical Officer Municipal Corporation of Delhi
Dr S Vijayakumar
Spl Sectretary, Department of Health & Family Welfare, Government of Tamil Nadu
S K Panda
SIO & Senior Technical Director, National Informatics Centre, Orissa
Nominations can be made online at www.eINDIA.net.in/awards/2010 For clarifications, contact: Sheena Joseph, email: awards@eindia.net.in; Mob +91 – 9971841718
Key Speakers at eINDIA 2010 D Purandeswari
Minister of State Higher Education Ministry of Human Resource Development (HRD) Government of India
R Chandrashekhar
Subhash C Khuntia
Shankar Aggarwal
Sudhir Krishna
Dr Sameer Sharma
Prof V N Rajasekharan Pillai
Joint Secretary Ministry of HRD Government of India
Ratna Prabha
Secretary Department of IT (DIT) Ministry of Communications & IT Government of India
Principal Secretary-IT Government of Andhra Pradesh
N Ravi Shanker
J Satyanarayana
C D Arha
Chief Information Commissioner Andhra Pradesh
Sharda Prasad
Joint Secretary & Director General Employment & Training, Ministry of Labour & Employment, Government of India
Michael Riggs
Chairman National Institute of Open Schooling (NIOS)
Ashis Sanyal
Senior Director DIT Government of India
Director General Centre for Good Governance
Kapil Mohan
Director Ministry of Power Government of India
Sherif El Tokali
T Krishna Prasad
Assistant Resident Representative Poverty Reduction, MDGs and Private Sector Team Leader
IGP & Director Police, Communications Government of Andhra Pradesh
Dr Shayama Chona
Dr Ashok Kumar
Dr S S Jena
Dr Rajeev Sharma
Special Secretary, Revenue Government of Uttar Pradesh
Prof V S Ramamurthy
Project Director Directorate of Information & Publications of Agriculture, Indian Council of Agricultural Research
Vice Chancellor Indira Gandhi National Open University (IGNOU)
Amod Kumar
President Tamana,Ex-Principal DPS RK Puram, Padma Shri and Padma Bhushan Awardee
Dr T P Trivedi
Additional Secretary Ministry of Panchayati Raj Government of India
Principal Secretary, Health, Medical and Family Welfare Government of Andhra Pradesh
Knowledge and Information Management Officer FAO, Rome
Director National Institute of Advanced Studies Indian Institute of Science
Director General Unique Identification Authority of India
Joint Secretary DIT, Ministry of Communication & IT Government of India
Commissioner Greater Hyderabad Municipal Corporation
Joint Secretary, DIT, Ministry of Communications and Information Technology, Government of India
R S Sharma
Dr Latha Pillai
Pro Vice Chancellor IGNOU
Shakila Shamsu
DDG and Director Central Bureau of Health Intelligence, Government of India
Joint Advisor (Education) Planning Commission
Prof K R Srivathsan
Pro Vice Chancellor Indira Gandhi National Open University (IGNOU)
Basheerhamad Shadrach Executive Director telecentre.org Foundation
Ashish Garg
Dr Karanvir Singh
Regional Coordinator - Asia Global e Schools & Communities Initiative
Consultant Surgeon Sir Ganga Ram Hospital, New Delhi
Ahmed Eisa Chairman GDCO, Sudan
Are You?
Delegate Registration Form
4 - 6 August, 2010, Hyderabad International Convention Centre, Hyderabad, India
Key Partners at eINDIA 2009
IT & Communication Department, Government of Andhra Pradesh
empowering education... enabling careers
TRS TOTAL REFLECTIVE SOLUTIONS
FEATURE
Private, Not Proprietary Cloud Computing www.ibm.com
Amid rising costs, a challenging economy and an explosion in Webbased data, IT experts expect continued high growth in Cloud Computing. Cloud Computing saves energy and operating costs by pooling IT resources, scaling up or down as needed, and putting computer power to use, rather than drawing energy while remaining idle. According to InfoTech Research Group, most computer servers run full time, but are used at only 10 to 20 percent of capacity. Over the next decade Cloud Computing will transform how IT is purchased, sourced and provisioned, according to the research firm IDC. Companies use the advanced technologies that Cloud Computing offers to exchange digital information around the world, and across a variety of devices. Companies are able to quickly deploy new applications and meet peak workloads without adding to existing infrastructure. Its autonomic features can be applied to predict harmful events, such as overheating or unbalanced workloads, and take corrective actions. These are all advantages for companies under pressure to save time, and money and maintain a complex IT infrastructure while keeping their primary focus on the business. Public or external cloud-based services, which receive most of the media attention, are available from a third-party service provider, via the Internet. The term ‘public’ does not always mean free. Some are fairly inexpensive to use, and frequently companies pay vendors per use. Cloud Computing platforms can also be private, however, and hybrid architectures integrate both private and public platforms. At its most basic, Cloud Computing is both a business model and a user experience. It is an approach to a shared IT infrastructure in which large pools of computer systems are linked together to provide IT services. It meets the high-
PANKAJ SINHA
performance demands of the dynamic Web in which massive amounts of information is processed in split seconds. For IT users, Cloud Computing offers fast access to diverse types of information regardless of the type of device they are using. Issues of security and governance that Cloud Computing raises are typically addressed through servicelevel agreements (SLA) with providers. Companies tend to avoid ceding too much control to an outside vendor, and want assurances that the cloud services will be up and running 24/7, 365 days. Companies need to maintain the security of their data. Some data may not be permitted to leave an enterprise, or a specific geographic location. Therefore, it is essential to evaluate which workloads can be sourced through public clouds and which kept in-house and delivered through private clouds. A strategy working for some companies is to begin with private Cloud Computing solutions in order to evaluate results in a controlled environment. Private clouds remain behind firewalls in order to maintain privacy and security. Companies are able to establish security protocols, carefully monitoring the levels of access to the information available for exchange. Access can be limited to internal networks, such as employees, then evaluated before being expanded to other limited networks, for example, business partners. Private clouds can be managed without network bandwidth restrictions, security exposure and regulatory compliance issues of public clouds. With either private or public clouds, companies need to begin with trusted, secure foundations in order to build the most secure, efficient, and resilient cloud services platform; beginning with the underlying infrastructure is a better strategy for long-term success, especially if there is a need to integrate public and private clouds in the future.
Right now, companies may find the best strategy is opting for cloud services that are interoperable and based on open technologies. Reaping the advantages of Cloud Computing means learning how best to use cloud platforms for individual business needs. Tasks well suited to clouds include: data-intensive workloads, particularly where the data is Internetbased and of a similar data format, such as, search; workloads that do not require long-term capacity. While large enterprises leverage public clouds to host parts of their IT, they often require their own infrastructure due to security, resiliency, or governmental regulations, which standardised offerings can not provide. Opting for private Cloud Computing allows them to manage their own requirements. In a hybrid arrangement, a private cloud enables the secure use of public clouds; for example, employees access public cloud services through a private cloud rather than directly. Whether public, private or hybrid, a major driver of Cloud Computing is the need for companies to get new ideas, products and services to market faster, and continually innovate to meet global competition. Cloud Computing delivers more advanced technology within a simpler, cost effective infrastructure. It creates a flexible, robust infrastructure to serve the needs of today’s economy where knowledge flows to countries and regions wherever IT infrastructures are reliable and responsive. \\
PANKAJ SINHA
Program Director – Lab Services – India Software Labs - IBM
egov
MAY 2010
31
INTERVIEW
Cloud: The Technology Enabler for Enterprises www.wipro.in
ANAND RAMAKRISHNAN GENERAL MANAGER CLOUD COMPUTING SERVICES WIPRO INFOTECH
What is Wipro’s vision of Cloud Computing? How are your IT infrastructure offerings being extended to embrace the Cloud? Wipro has been in the forefront of IT services innovation and has been helping enterprises drive business transformation by harnessing the power of technology.
32
www.egovonline.net
Wipro’s vision is to continue on this journey of innovation through Cloud Computing, which accentuates our commitment to help customers address the exacting demands of today’s unpredictable environment. Wipro Infotech’s Cloud Computing Services offer IT solutions to address
customer requirements on a pay-peruse model, with dynamic infrastructure provisioning capabilities. Wipro’s Cloud Computing services are provided from Wipro’s Tier 3 Data Centres which are state of the art Data Centres with high availability IT infrastructure that have been commissioned for Cloud Computing.
Security is a critical aspect of the cloud model. The cloud must support an environment that provides very high levels of security, since any security breach or loss of data can have a crippling effect on an organisation. The entire infrastructure is managed and monitored round-the-clock by Wipro’s remote delivery centre, GSMC, which is a world class delivery centre with high levels of automation. Both, the Data Centre as well as GSMC have the highest levels of relevant industry standard certifications. Wipro Infotech has spun off a new division to address Cloud Computing business. Tell us about the ‘pay-peruse’ model adopted by your company in this regard. Wipro’s Cloud Computing Services portfolio includes Infrastructure as a Service (IaaS) and Software as a Service (SaaS). IaaS allows organisations to control their investments with a flexible payper-use pricing by choosing an Service Level Agreement (SLA)-driven virtualized IT infrastructure to match their business requirements without having to own it. The infrastructure is dynamically scalable based on the demands of the business, thereby ensuring lower Total Cost of Ownership (TCO). The IaaS offerings are: Managed Compute • Managed Storage • Managed Backup • Managed Security • Managed DR • All the above have a granular pricing model. For example, Managed Storage is provided on a “per GB” of storage that is required by the customer. SaaS provides organisations with a flexible pay-per-use pricing for business applications hosted in Wipro’s Enterprise Data Centres. This SLA-driven offering ensures that customers can significantly bring down their TCO while focusing on their core business competency. The SaaS offerings are: Core Banking Solution • Dealer Management • CRM and ERP • Supplier Portal • Document Management • Collaboration and Communication • Hospital Information Management • Solutions These applications have various pricing models that are based on the business needs of the Client. For example, The Core Banking Solution is priced on a “per Branch per Month”
basis or on a “per Account” basis. The new division focuses on offering such solutions to various Industry segments in the Indian market. What are the chief advantages of Cloud Computing? How suitable is it for deployment by the public sector? The key advantages of Cloud Computing are: • Faster provisioning and higher availability of IT resources • Conversion of Capex to Opex, which is elastic and can be scaled on the basis of requirements • Eliminates technology obsolescence risk for the Customer • Eliminates IT management issues, since Cloud Computing delivers IT as a Service The above advantages can be derived by any organisation, including Public Sector organisations. Public sector enterprises run their applications on a diverse set of platform/middleware software. In this scenario, how can the cloud platforms be made viable? Cloud Computing services gives various options of platforms and technologies, which can be leveraged effectively by Public Sector Enterprises. More importantly, Clouds also enable organisations to run a mix of platforms, which would prove to be expensive if an organisation does this on its own. What is the response of government in India for Cloud Computing deployment? Are you catering to any government client currently? If yes, tell us briefly about the project. Various Government Departments and Agencies are currently evaluating the feasibility of adopting SaaS and IaaS as well as Hybrid Clouds to leverage their existing investments as well. Wipro is involved in some of these discussions. What are the security issues pertaining to the use of Cloud Computing? How serious are the security threats? How can these threats be resolved? Security is a critical aspect of the cloud model. The cloud must support an
environment that provides very high levels of security, since any security breach or loss of data can have a crippling effect on an organisation. These issues need to be addressed through the architecture of the Cloud Service Provider. Security should cover both Physical as well as Logical aspects. Cloud Service Providers should ensure that they do not compromise on security infrastructure for lowering costs. What are the business opportunities for Cloud Computing in India? How are Wipro’s cloud offerings different from cloud-based solutions provided by other market players in this domain? Cloud Computing has evinced interest across all customer segments, such as Large Enterprises as well as Small and Medium Businesses (SMBs) across industry verticals and hence this provides a large opportunity for Service Providers like Wipro. Wipro’s approach to both these market segments is to provide a business-centric solution, rather than a ‘one-size-fits-all’ solution. We leverage the domain expertise and the years of experience of having implemented IT solutions for various domains such as Banking, Telecom, Manufacturing, Healthcare, etc. For example, Wipro has an ERP solution specifically designed for the Auto Industry, a Core Banking Solution for the Cooperative Banks and Micro Finance Institutions and so on. What are Wipro’s plans for the Indian Cloud Computing market? As mentioned above, Wipro will offer its customers pay-per-use model which will be customized to their specific needs at affordable prices. Wipro offers ondemand services for both infrastructure as well as applications. In addition to large organisations, Wipro has identified six clusters which includes, textiles, hospitals, auto ancillaries, urban cooperative banks, gems and jewellery and toys as target markets. The new division that has been formed for Cloud Computing will focus on these markets and segments. \\ egov
MAY 2010
33
INTERVIEW COVER INTERVIEW
Sound Architecture: Key to Homogenising Cloud www.crimsonlogic.com
TAN SIAN LIP VICE PRESIDENT SOLUTIONS AND CONSULTING CRIMSONLOGIC PTE LTD
““Sound und architecture ar hi ec ur design d sg gn is i key k y to o homogenising homogen g s ng g the th view v ew of the t e Cloud Cl ud d on n the he user-front. userr frr ntt Different D ffer nt virtual virtt all machines mach ma hine ne have ha h vee different d ffer nt security cu it i y paradigms par di digm g that th hat have h ve to t be b tied ti t ed d together t getther and d analysed an lysed d tto ensure en ur there th he are re no loopholes.” l p pho h les ”
34
www.egovonline.net
An Indian Government Cloud will provide all participating agencies with a more economical and scalable infrastructure that will be flexible enough to handle specific requirements of the varied participating agencies. It will also give less well endowed agencies access to a more comprehensive set of shared services and data that they could otherwise not afford.
What is CrimsonLogic’s strategy for Cloud Computing? CrimsonLogic has a rich heritage as an operator of e-Governance ‘Cloud Computing’ services such as Singapore’s TradeNet and SingPass, an e-Identity authentication system that enables Singaporeans to access online services offered by various government agencies. Besides designing and implementing the systems, CrimsonLogic has been entrusted with the responsibility to run and maintain these systems, which requires the management of highly secure infrastructure to support them. We are excited by Cloud Computing and the potential benefits it entails such as lowering infrastructure costs, utility computing, self-provisioning, essentially bring computing power to the hands of the users. Forming strong alliances with specialist players in the Cloud Computing field and blending the technology with CrimsonLogic’s strong implementation experience in large-scale national projects is one of the approaches we are adopting to address our customers’ requirements. Given our holistic implementation expertise, we are keen to play a part on all levels of the Cloud stack which are Software-as-a-Service, Platformas-a-Service and Infrastructure-as-aService. Cloud Computing is expected to increasingly gain momentum amongst governments. We believe governments have enough scale, predictable seasonal demand surges, and a need to respond quickly to unpredictable changes in socio-economic conditions. They also have a need to maintain highly secure computing environments
as trustees and custodians of sensitive citizens’ data. Setting up private clouds provides a good balance of economic benefits whilst providing sufficient security to maintain public confidence in e-Governance services. How do you see CrimsonLogic rendering its services in Cloud Computing to the Indian Government? India is a large country with a large and varied public sector that includes agencies that are richly endowed with IT expertise and systems, as well as those that are not IT-savvy at all. An Indian Government Cloud will provide all participating agencies with a more economical and scalable infrastructure that will be flexible enough to handle specific requirements of the varied participating agencies. It will also give less well endowed agencies access to a more comprehensive set of shared services and data that they could otherwise not afford. What is the cost benefit that one foresees for Cloud Computing deployment? We believe Cloud Computing will further enhance the adage ‘think big, start small’ in implementing projects. Too often, the high upfront investment cost in large-scale e-Government projects that CrimsonLogic is typically involved in is a deterrent to stakeholders. The capability of Cloud Computing enables planning for a large-scale system and yet starting with a smaller system that is highly and readily scalable. In our system implementation offerings, we are keen to use Cloud
Computing, server virtualisation and consolidation to lower the TCO (totalcost-of-ownership). What challenges do you foresee in terms of Cloud Computing implementation? As with any new technological adoption, there will be a need to address potentially unknown issues of new security threats and also the readiness mindset of stakeholders in putting critical information and application in the ‘virtual space’. How is reliability and security of different systems integrated ensured to form a cloud to a common level? Sound architecture design is key to homogenising the view of the Cloud on the user-front. Different virtual machines have different security paradigms that have to be tied together and analysed to ensure no loopholes. CrimsonLogic has a strong partner in our subsidiary RadianTrust which is an industry expert in security and penetration testing to do this. What are the new business developments happening on cloud? What are some of your future plans in the domain of Cloud Computing? CrimsonLogic has an Office of Technology Department that actively looks after new developments in the IT arena and explores how we can leverage on them. Besides exploring the potential of Cloud Computing for new engagements, we are also examining how existing systems can benefit from Cloud Computing. \\
egov
MAY 2010
35
COVER INTERVIEW
Securing our Clouds www.verisign.com
RAJIV CHADHA VICE PRESIDENT VERISIGN INDIA
Cloud Computing is the most significant trend in IT now, yet many of the organisations can’t fully trust it, why is that so? Security has always been seen as the biggest barrier to putting applications in the cloud. Trusting a supplier with business-critical data has been a step too far for many large companies. Businesses have been rightly afraid that their data might fall into the wrong hands if they lose control of its security. But the scenario is changing. Suppliers of Cloud Computing do not want customers auditing their security but they do not mind independent standards organisations doing so. They are now
36
www.egovonline.net
willing to put in place security that meets industry standards such as ISO. VeriSign provides cloud-based security and authentication for the Windows Azure platform. Can you please elaborate on the same. In what ways does Verisign have an edge over other players in the domain? Microsoft will use proven VeriSign® Secure Sockets Layer (SSL) Certificates and VeriSign® Code Signing Certificates to safeguard cloud-based services and applications developed and deployed on the Windows Azure platform. The platform is comprised of Windows Azure: an operating system in the cloud; SQL
Azure: a fully relational database in the cloud; and the Windows Azure platform AppFabric Service Bus and Windows Azure platform AppFabric Access Control - a set of pre-integrated, higher-level application services enabling developers to more easily deploy and manage composite applications spanning both server and cloud. Because cloud platforms like Windows Azure are elastic, dynamic and accessible from anywhere on the Internet, reliably securing the cloud requires an infrastructure that can meet the unique challenges of Cloud Computing by scaling on demand. With VeriSign SSL Certificates, enterprise users can be assured that
applications running on Windows Azure are secured by strong SSL encryption. VeriSign SSL also protects data moving between users, applications and servers, while providing authentication between users and cloud based servers. Developers of Windows Azure applications can sign their code with VeriSign Code Signing Certificates, which signal to end users that the applications come from a trusted publisher. Code Signing Certificates serve as ‘virtual shrink wrap’ for cloud-based applications by applying a digital signature to code. A broken digital signature tells users that the application has been tampered with or modified. VeriSign’s Certificate Management solutions simplify the administration of SSL certificates and digital signatures. What are the issues which the enterprises will have to look into when moving from one cloud-based service to using several services from different providers? Enterprises need to rely on multiple service providers as a single provider cannot offer all the required services (email services, email filtering service, authentication service, policy management service, etc.) The enterprises need to ensure that the service provider has sustainable, scalable, and available services that are also secure. Also, the provider has to cater to customer needs immediately and should be continuously able to address their requirements and changing business needs and challenges. This requires the service to be time tested. Usually, such service providers are also audited for security compliance. Ultimately, the service provider needs to be trusted. How prepared is the private industry to deal with the challenges and risks that come along with Cloud Computing? The industry is not well armed to deal with the challenges and risks that come along with adoption of Cloud Computing; right from security risks to lack of standards for Cloud Computing. Corporate concerns over data security are holding back Cloud Computing. Security experts, software suppliers and cloud service providers alike see the cloud as a once in a lifetime opportunity to make information security better than
ever. However, if handled properly, the shift to cloud-based computing could lead to better security. Understanding the value of each type of data can help businesses decide what type of cloud is the best fit. Most organisations will probably not go for one type over the other, but instead use a combination of two to form a public-private hybrid. Still the problem remains of having no standards for Cloud Computing for handling different kinds of data, especially sensitive personal data such as healthcare records. Global IT security organisations and governments have a role to play in taking the lead on standards and should intervene rather than leaving it up to the emerging service providers. Services that take in user identity need to offer an additional form of authentication Similar to software-as-aservice, the security-as-a-service model of VeriSign Unified Authentication delivers a range of advantages such as low total cost of operation, no major capital expenditures, built-in scalability and reliability, and out-of-the-box integration with existing infrastructure. How big is the Cloud Computing market in India? What is your company’s plan to optimise this market in India? The Indian market for Cloud Computing is huge. There are 8 million SMBs in India with around 35 million employees and 10 million potential users of Cloud Computing. By 2012, customer spending on IT cloud services will grow almost threefold, to $42 billion and account for 9% of revenues in five key market segments (business applications, application development or deployment, system infrastructure software, storage and servers), according to IDC. The analyst firm predicts that spending on IT cloud services is growing at over five times the rate of traditional, on-premise. VeriSign helps companies control access to organisational assets with better access management and unified identity across the organisation and between business partners. VeriSign secures critical business interactions and operations with services based public key infrastructure (PKI) and one-time password (OTP) solutions. VIP or VeriSign Identity Protection adds a second layer of security to online transactions and
enables organisations to secure access to their networks and websites more conveniently and for customers it enables safer transactions. EV-SSL certificates provide a visual identity with the address bar turning green and the name of the enterprise shown as the legal owner of the site. VeriSign’s PKI solutions protects applications that demand the highest level of security, enabling online banking and trading, Web services-based business process automation, digital form signing, enterprise instant messaging, and electronic commerce. The system uses a pair of mathematically related keys—called a private key and a public key—to encrypt and decrypt confidential information and to generate and verify digital signatures What are your future plans in the Cloud Computing domain? Our best example of Cloud Computing is VIP (VeriSign Identity Protection). Historically companies have used two-factor authentication by buying a server, operating that infrastructure inhouse and paying the license fee for the software. The way we’ve built VIP allows somebody to do all that authentication at the VeriSign datacentre, and we charge them per user, per year, typically. The way we’re doing VIDN (VeriSign Internet Defense Network), which is our DDoS (Distributed Denial of Service) mitigation project, is also a Cloud Computing service. Instead of a company going in to buy a lot of new infrastructure to handle a DDoS attack and manage that infrastructure, they just redirect all their traffic to VeriSign. We go ahead and provide the extra bandwidth and filter out the bad traffic and just send the good traffic back to the company. That’s another pure cloud-based service.Our PKI (Public Key Infrastructure) and SSL (Secure Sockets Layer) services are generally cloud-based as well. In some cases, they do have elements of their service that sit within the customer premise for management and administration, but they are relatively cloud-based services. VeriSign will continue to enhance these services and offer more cloud based services that will bring trust to the consumer, business, government, and ultimately to the Internet. \\ egov
MAY 2010
37
SHOWCASE
Web Ratna Awards Recognizing “Excellence in Web Space” www.nic.in
6786 Websites, 20 million documents and web pages, is the present size of the ‘Web Space of Indian Government’ and its growing by each day. This web space has a diverse set of government applications right from information dissemination, downloading of application forms for government services, online submission of applications, tracking the status of application to end to end delivery of services online. With the penetration of Internet and availability of affordable means to access the World Wide Web, the government web space can now be accessed by citizens of India across the nation, Rural and Urban alike. Comprehensive, Universally accessible and up-to-date web presence has become a need of the hour. The Indian Government has been amongst the frontrunners when it comes to initiatives towards institution and adoption of best practices for integrated delivery of information and services to achieve ICT-led development in the country. Due to its inherent simplicity and ease of use, World Wide Web becomes a natural choice for delivery of government services. In this direction a number of initiatives have been taken, at various levels in the government. Hence, the genesis of instituting Web Ratna Awards under the ambit of the National Portal of India (http://india. gov.in) by National Informatics Centre, DIT to promote exemplary initiatives in e-Governance using the medium of World Wide Web and to give due recognition to the commendable efforts put in this direction. The awards aim not only to recognize the noteworthy and sustainable initiatives in the realm of e-Governance but also to disseminate information about such initiatives for others to customize and replicate the successful solutions. The first ever “Web Ratna Awards” were conferred by Thiru A. Raja, Hon’ble Union 38
www.egovonline.net
NATIONAL INFORMATICS CENTRE
Minister of Communications and IT in the presence of Shri Sachin Pilot, Hon’ble Minister of State for Communications and IT at an exclusive ceremony held on 19th April, 2010 at Vigyan Bhawan, New Delhi. Different categories in Web Ratna Awards touch upon different aspect of e-governance right from web presence to delivery of citizen services to public participation and innovation in use of Technology. A total of 8 (award categories) x 3 (levels of Platinum, Gold and Silver) = 24 awards were conferred to teams and individuals in the following categories: 1. Citizen Centric Service 2. Public Participation Initiative 3. Outstanding Web Content 4. Innovative Use of Technology 5. Comprehensive Web Presence – Ministry/Department 6. Comprehensive Web Presence State 7. National Portal Coordinator 8. NIC Coordinator for the National Portal WEB RATNA AWARDS 2009 CITIZEN CENTRIC SERVICES Platinum Icon: Indian Railways • Passenger Reservation Enquiry System Gold Icon: HIMPOL (Himachal • Pradesh Police on Web) Silver Icon: Bangalore One • (Integrated Citizen Services Portal) PUBLIC PARTICIPATION INITIATIVE Platinum Icon: CIC Online (Filling of • Appeal and Complaints online with CIC) Gold Icon: SANJOG Helpline • (Integrated Grievance Redressal System) Silver Icon: Ideas for CM (Open • Opportunity for the Civil Society)
OUTSTANDING WEB CONTENT Platinum Icon: E-Press Publisher • (Press Information Bureau) Gold Icon: India Post • Silver Icon: Gujarat Tourism • INNOVATIVE USE OF TECHNOLOGY Platinum Icon: Indian Tsunami Early • Warning System Gold Icon: The m-Governance • Mantra Silver Icon: Justice through ICT • (Video Conferencing between Court and Jail) COMPREHENSIVE WEB PRESENCE - MINISTRY/DEPARTMENT Platinum Icon: Department of • Economic Affairs Gold Icon: Rajya Sabha • Silver Icon: Ministry of Rural • Development COMPREHENSIVE WEB PRESENCE - STATE Platinum Icon: Tamil Nadu • Gold Icon: Himachal Pradesh • Silver Icon: Chandigarh • NATIONAL PORTAL COORDINATOR Platinum Icon: A.K.Srivastava, • IAS Gold Icon: Sanjay Kumar, IAS • Silver Icon: Shaliesh Kumar Singh, • IAS NIC COORDINATOR OF THE NATIONAL PORTAL Platinum Icon: Sanjay Hardikar • (NIC Madhya Pradesh State Unit) Gold Icon: Ajay Chahal (NIC • Himachal Pradesh State Unit) Silver Icon: Vivek Verma (NIC • Chandigarh State Unit). \\
NEWS
BUSINESS
HCL INTRODUCES DESKTOP HOME COMPUTING 2.0 HCL Infosystems India’s premier hardware, services and ICT system integration company, announced the return of Beanstalk, one of the most popular desktop range to cater to the growing demand for cutting-edge technology on the home computing front. With powerpacked features and advanced technologies, the all new HCL Beanstalk range will offer the ultimate convenience of productivity, connectivity and an incredible new entertainment experience. HCL Beanstalk was India’s first Home Multimedia PC launched by HCL Infosystems in 1995 with a view to address the fast emerging home computing market. The return of HCL Beanstalk PCs is a significant step towards expanding the leadership positioning in the high end desktop space. HCL Beanstalk will transform the mainstream consumer experience by bringing a whole rich world of multimedia, entertainment, education and lifestyle aiding features.
PRITHVI INFORMATION SOLUTIONS GETS RS 12.5 CRORE e-GOVERNANCE PROJECT To implement the State Data Centre (SDC) for Haryana government Prithvi Information Solutions (PISL), a player in e-Governance infrastructure, has won an order worth Rs 12.5 crore. The Haryana SDC would provide single window for accessing services provided by the state government proving to be a key infrastructure to house the data from various state departments under one roof. For Prithvi, this award marks the second in line for SDC development with Nagaland SDC being the first in the previous quarter.
MOBILE BANKING SERVICE BY NOKIA Nokia is planning to roll out its mobile banking service, Nokia Money, in many Indian cities soon. By using this facility a person can transfer money to another not having bank account and the latter can get the money from Nokia dealer in his area. A pilot of this service launched in Pune in February 2010 with YES Bank had received extremely encouraging response. The company is now looking to have similar tie-ups with other banks to roll out the service in other parts of the country. Nokia Money is like a wallet on phone as it lets people transfer money through the mobile phone. Subscribers also can pay utility bills and top up SIM cards. There will also be the facility to pay for goods and services.
MATRIX TELECOM IS NOW MATRIX COMSEC PVT. LTD. Vadodara based Matrix Telecom is one of the leading manufacturer of telecom equipments. Till date it has continued its telecom operations under the name of Matrix Telecom. Matrix has recently diversified in to manufacturing of security products. Hence, to precisely communicate its area of operations that is Communication and Security, Matrix has changed its name to Matrix Comsec Pvt. Ltd. Comsec stands for Communication and Security. With the new identity Matrix has also changed its corporate logo which, like its new name, will exemplify the area of operations that is Telecom and Security. However, Matrix will continue to market its telecom and security products under the brand name of Matrix Telecom solutions and Matrix Security Solutions, respectively. The name change reinforces Matrix brand as an integrated corporation, that reflects the company’s long-term strategy to advance its global presence, and more closely align and strengthen the identity of each of its operating divisions: Telecom and Security.
MICROSOFT TAKES MEASURED APPROACH TO MOBILE OFFICE APPS Microsoft is readying an aggressive push into cloudbased productivity applications with the upcoming release of Office Web Apps and other products, but the company is moving more cautiously when it comes to creating mobile versions of these products. Office Web Apps is part of Office 2010, which is scheduled for release to corporate customers on May 12, 2010 with general availability expected sometime in June. The online productivity suite includes free, Web-based versions of Word, Excel and PowerPoint, and Microsoft hopes the release will counter inroads into the productivity market made by Google and others.
There are 500 million mobile phones in the country and this is expected to cross 900 million by the end of 2013. Nokia has 200,000 retailers in India who could serve as mobile money services agents.
ADOBE INDIA SEES OPPORTUNITY IN e-GOVERNANCE With the government pushing e-Governance in a big way, software firm Adobe India sees a huge potential and growth in this segment. Adobe has made its mark in the Indian market in document management system
and document rights management. Adobe has also been part of a few projects like MCA 21 (an e-Governance initiative of the corporate affairs ministry), where a lot of companies are involved. Two other sectors in which Adobe has a strong presence are finance and education. Adobe India is a subsidiary of the USbased leading software maker, Adobe Systems. egov
MAY 2010
39
INTERVIEW SECTION: NETWORK AND COMMUNICATIONS
Digital Linkages via Cat-6 www.digilink.in
MILIND TAMHANE VICE PRESIDENT- ITS SALES DIGILINK
Please tell us about the present status of DIGILINK India? Today, according to IDC, DIGILINK is the No. 2 brand in the Indian Structured Cabling Systems (SCSs) segment. DIGILINK is the undisputed industry leader in providing the entire end-to-end range of structured cabling solutions for enterprises, small and medium business. Today, DIGILINK accounts for 18% of the
40
www.egovonline.net
market share in the SCS marketplace, giving the DIGILINK brand a premier position in the domestic market. ‘PC Quest Users Choice Awards 2009’ ranked DIGILINK as No.1 in India’s Most Wanted IT Brands for Structured Cabling. In a channel survey done by CRN, DIGILINK has also been recognized as the ‘Channel Champion’ in Network Cabling 2009. It further received the
award for ‘Best Structured Cabling Brand 2009’ by DQ Channel. Which category of structured cables are currently the hottest in India and why? Cat-6 has now become the industry standard, for fibre media both Single mode and Multi mode; 50µm (50 micron) fibre are equally popular. The reasons
are obvious, the data communication media are cost effective and support high speeds compatible with upcoming technologies and speed requirements. In your experience, which vertical segments are driving the demand for cabling solutions? How have these segments evolved lately? Data Centre installations have been the largest verticals in the SCS Industry last year. A close second are the State-owned Wide Area Networks (WANs) One has to consider two aspectsFirstly, newer verticals embracing structured cabling as essential services, secondly structured cabling itself has not got broadened and re-christined as Information Transportation System, that means even design and usage of media like infrared, Wi-Fi, WiMax is now within the purview of ITS services. While we have planned residential projects, townships and commercial complexes as big new drivers, we also have educational institutes like schools considering ITS deployments as must. Financial institutions are now spreading their wings in C class cities and rural areas that is yet another new vertical. DIGILINK currently has about 18% share in the structured cabling market in India as per IDC. What is your target for the year 2010 and what will be the top three initiatives to achieve that? This year we will be primarily focusing on the following vertical - Government (PSU) and Education, BFSI (Banking, Financial Services and Insurance) and Healthcare. The top three priorities for DIGILINK are to: a) Strengthen DIGILINK’s market share in enterprise segment in India b) Promote DIGILINK brand in SAARC and Middle East c) Ensure high brand visibility Which products are going to drive the DIGILINK market for 2010? This year our focus is on developing products suitable for Data Centre, FTTH (Fibre To The Home) deployments and 10G over Copper. We would parallely
be working for products for Internet Ready Homes. What is DIGILINK’s competitive advantage over the competition? Our presence across the entire value chain: Research and Development • Intellectual Property Rights • Manufacturing • Marketing and Distribution • Service Support Integration • How do you focus on service support? Our high quality and reputable after sale services are strategically built to deliver customer satisfaction. We offer first-rate integrated service and support through our special service division, DIGICARE, which consists of RMA centres, DIGICARE Technical Assistance Centre (DTAC) and Direct Service Department (DSD). DIGICARE has evolved the most efficient, skilled and professional state of service infrastructure. It has 18 Direct RMA/Service centres and 6 Service Partners across the country, with as many as 165 skilled personnel. 12 Locations have BGA Machines. All Digicare Centres are located in the main IT markets of the town. DIGICARE has a Unique webbased RMA Online System ‘iSMART’ to monitor service activity, online repair status update, automated email and SMS alerts system and warranty tracking. DIGICARE has, over time, attained expertise in repair skillset for all networking products, motherboards, notebooks, PDAs and LCD monitors etc. What is the strategy to sustain the brand image? Anchored by an extensive marketing and distribution network, DIGILINK has emerged as a prominent player in the structured cabling category in India. Well-conceived branding strategies, coupled with a business framework that delivers value, quality and efficacy are instrumental to the company’s success in the competitive market. Integral to its business model, is a widespread marketing and distribution network that ensures deeper market penetration. It imparts rigorous training to its sales and channel partners to enhance
its brand positioning and visibility in a competitive marketplace. Investment into trainings is seen as a significant business enabling tool for the company. Multi-city events, roadshows, DCCE trainings, distributor meets, EVSI meets and sponsored events are conducted on an ongoing basis. A meticulous and perceptive marketing plan including public relations, corporate stories and guest articles has succeeded in establishing DIGILINK’s brand identity. Its marketing team is working towards the objective of building a strong corporate image that enables business association to further endorse and promote the brand. What are the new products that you are launching? We have aligned ourselves for focused approach in a few areas like Intelligent Patch Panels, Bigger Fibre Business in LAN/WAN and also in FTTH. In addition, we plan to add a lot of highend products including high density 48P Patch panels, Residential Equipment cabinets and so on in our repertoire. Our indigenous development team has created new patented products about which it would be inappropriate to detail further. From the vertical perspective, which are the markets are you focusing? The vertical which we will be targeting will be: 1. Data centres 2. Manufacturing 3. BFSI 4. PSU 5. Education 6. Government 7. Infrastructure What is the present turnover of the company and what kind of growth do you want to see this year? Ours is a public limited company hence we cannot offer exact values. We, however, have reached a higher position in the SCS Industry last year and will continue to maintain the same position next year with comfortable margin from the 3rd position. We will certainly be achieving 5% extra growth than the industry growth of 20%. \\
egov
MAY 2010
41
INTERVIEW SECTION: IDENTITY MANAGEMENT SOLUTIONS
De-duplication Solutions: Need of the Hour www.4gid.com
DR. SREENI TRIPURANENI CEO 4G IDENTITY SOLUTIONS
“Prooff of concept “Pro con ep p covers ove s 45000 4500 enrollments e ro lmen s spread sp p ead across a ro s 10 0 villages vi ge g in n ttwo districts. di tri t i ts The T The Proof Prooff of of Concept C Concep pt p is is to t validate v lid l date the th enrollment en nrollm men nt software, offtwarr , devices dev d ice and nd d processes pro s es being p b being g used us d for for the th t e UID. UID U D Another Anoth th r objective ob bjjectiiv off proof p proof off concept con ep pt is is to t assess a se s the th de-duplication d -du d plicatiion accuracy a cu cyy that th t t can c be b achieved hi h ved d specifi spe p ific tto o IIndian nd dian population p popu p latiio and a d environmental nvii onmental conditions.” c ndi diti ns ”
42
www.egovonline.net
Please throw some light on your road-map for Identity Management Solutions? What are the various landmarks covered so far? We plan to concentrate on the following verticals in the coming year: Unique ID and De-duplication • solutions for Governments Enterprise Framework solutions to • integrate various departments of governments • ID Enrollment and Verification services End to End Identity Management • solutions for Public Distribution System Criminal ID Management Solutions • for Law enforcement Agencies Enterprise Identity Management • Solutions for large Corporates Consulting in ID management • Space We plan to expand of our operations to other developing countries in Asia and Africa. Landmarks of 4G Identity Solutions are depicted in the figure below:
4G designed and implemented the end-to-end solution for Ration Card distribution for Rayagada district in the state of Orissa. Tell us about the project learnings, what works and what does not? Government involvement and • support to the project is the most important and critical to success of such projects Design of fool proof application that • gives no chance to operators to manipulate the application Enrollment is critical to success of • any biometric project. There should not be any compromise in ensuring
• •
•
•
•
that good quality biometric images are captured. Operators’ training is what ensures good biometric enrollment Working in tribal and remote areas posed the biggest challenge to our project Iris based de-duplication has been cost effective, faster and more accurate than fingerprint based deduplication Involvement of local people in operations has helped us a great deal in overcoming many field issues Technology is only 20% but Project Management is 80%.
Are there any other Indian states where you are doing similar kind of projects? Orissa is the first state to deploy the end to end Multi-biometric ID management solution for Public Distribution System. In Andhra Pradesh Iris biometric technology was introduced 5 years ago however the technology provided could not scale up after few thousands of enrolments and resulted in lot of duplicates and bogus ration cards. We have won the contract in global tendering process for deduplication of this massive 5.6 crore biometric database. We have successfully completed this project and has created a 4.7 crore Unique ID database after de-duplication. To my knowledge this has been world’s largest de duplication project till date. The government of Andhra Pradesh has already saved and is saving hundreds of crores of rupees due to removal of duplicate and bogus ration cards. Looking at the success of Orissa project many state governments are realizing the importance of biometrics in building an effective delivery mechanism for welfare schemes. There are many tenders in the pipeline by different state governments for similar solution that we have deployed in Orissa.
Can you please elaborate on the role of 4G in ‘Proof-of-Concept’, the UID Initiative in the state of Andhra Pradesh? We have won contract in global tendering process for providing Iris cameras and Fingerprint scanners to UIDAI. These devices will be used in the UIDAI Proof of Concept tests. We also has been awarded the contract for providing solution and deploying the proof of concept of UIDAI in Andhra Pradesh. This proof of concept covers 45000 enrollments spread across 10 villages in two districts. The Proof of Concept is to validate the enrollment software, devices and processes being used for the UID. Another objective of proof of concept is to assess the de-duplication accuracy that can be achieved specific to Indian population and environmental conditions. How your identity management solutions have an edge over the other market players in the domain? Having been in ID management space for the last 8 years, we have built our ID management solutions around needs of Indian conditions. In the process we have faced several challenges in making biometrics work for Indian rural populations and harsh environmental conditions. We have successfully overcome these challenges by developing solutions in-house. Our solutions are not vendor bound and is interoperable across technologies, algorithms and biometric devices. Most importantly we have chosen to be partners with some of the world’s best technology providers in biometrics. Last but not least we offer cost effective solutions. We continue to innovate and always wants be a step ahead of our competitors. What is the Government business share of your company with respect to its total business? What is your plan to increase the market share? Most of our large scale projects are in the government vertical and more than 90% of our business comes from government domain. As long as we deliver value to the clients, I believe our market share will automatically increase. \\ egov
MAY 2010
43
SECTION: IDENTITY MANAGEMENT SOLUTIONS
7 Myths about IP Access Control to the Door www.hidglobal.com
Why Internet Protocol (IP) to the door? There are considerable differences between today’s legacy access control and the emerging technology of IP directly to the door. What follows are seven commonly heard myths when Security asked two industry experts what they feel is really happening in the market with respect to IP access control to the door. MYTH 1: THERE IS NO DIFFERENCE BETWEEN IP ACCESS CONTROL AND TRADITIONAL ACCESS CONTROL De-myth: There is a huge difference between IP and traditional or RS485 (multi-drop) in the access control world. Access control, as we have known till date, can be compared to the video world using digital video recorders (DVRs). Even though DVRs, as well as access control panels, can sit on a network, all cable to the actual edge device is traditional copper cable, proprietary to that system. Edge IP does for access control what IP cameras did for video. Software can now talk directly to the edge device with nothing but network in between. The control panel concept goes away for access control just as the DVR goes away for IP video. As a result, both video and access control can now be truly scalable in increments of one access point, with predictability of cost. This also results in a significant reduction in infrastructure cost as well. IP-based distributed processing allows for modular and economical system expansion. An IP-based system supports integration as a means of migration from legacy systems and provides a costeffective bridge to the future. The IP-tothe door system manufacturer ensures a consistent product version and consistent upgrade path. 44
www.egovonline.net
TOM HEISER ELI GOROVICI
Training and product support also MYTH 2: IP ACCESS CONTROL takes on a more holistic approach IS UNTESTED AND UNPROVEN without requiring the end user to act as WHEN COMPARED TO A a middleman between various vendors. TRADITIONAL, HARD-WIRED What’s more, an IP-based system ensures SOLUTION the latest standards-based software, De-myth: Depending on the networking, and hardware technology. configuration of the hardware a chief An IP-based system means one security officer selects, IP access control user interface. A single user interface is as reliable, or even more reliable than simplifies installation and is easier to learn the traditional topology of multi-reader and use. With one common interface, controllers. With multi-door controllers, there is no more duplication of system a single point of failure could cause administration and other tasks. For multiple doors to become inoperable. example, a user learns to set up a card With IP access control, each door is reader using the same skills required to independent of other doors, so a single set up a camera. In addition, a single user point of failure will only cause one door login provides simple and secure access to be inoperable. Today’s networks to all security functions. The system’s use allow for layers of redundancy, so even of existing IP infrastructure eliminates if a network component fails, there are significant wiring and installation costs. IP backup communications paths that can network nodes, including cameras reroute the event transmissions around and card/biometric readers, can all the problem component. be managed by a corporate network management tool. MYTH 3: IP ACCESS CONTROL IS Another difference between IP access MORE SUSCEPTIBLE TO FAILURE control and traditional access control is OR “WHAT HAPPENS WHEN MY the issue of power over Ethernet (PoE), NETWORK GOES DOWN? which can be argued as a positive or a negative. On the positive side, most De-myth: In today’s corporate network closets already have emergency environment, the network gets more power to the network devices and they will continue to operate even when power to the building is lost, while traditional power requires battery back-up. PoE provides the same advantage to the IP access approach. The bigger issue is power to the locking device that may be required to unlock at loss of power to the building in order to meet fire code. It is more likely that installers will use Traditional topology means that even though DVRs, as well as PoE for the reader, but access control panels, can sit on a network, all cable to the traditional power to the actual edge device is traditional copper cable, proprietary to that system. locking device.
attention and care than it used to simply because the network is carrying the information that keeps the company in business. As long as IP access still has power, the only impact of network communications failure is that the events will not be transmitted to the host application when the event occurs. The door still works and employees can still enter, with all the events being buffered. Once the network communication path is re-established, all events that took place during failure will be transmitted to the host. Communications loss is a universal problem that affects Ethernet and serially connected devices in the same way. Keep in mind that the network rarely goes down, because it is the backbone of the entire business. One of the beauties of networked-based information is the fact that information can be rerouted in less than 100 milliseconds by finding an alternative path. No legacy access control solution has this level of reliability. MYTH 4: IP ACCESS CONTROL IS MORE VULNERABLE TO SECURITY BREACHES OR HACKERS THAT CAN OPEN DOORS De-myth: IP access control is no different than any other device on the network. Network security measures that
ability to keep the network connection within the protected space. IP access control benefits from the $5 billion network security market which provides a powerful, secured environment that is not available to the traditional access control world. MYTH 5: IP ACCESS CONTROL COSTS MORE AND UPGRADING TO IP ACCESS CONTROL REQUIRES A ‘FORKLIFT’ UPGRADE De-myth: In most cases IP access control costs less than traditional access control topologies. Cost savings occur not only in the cost of the devices themselves, but also in the cost to run and maintain the associated wiring. With traditional topologies, a bundle of cables is run from a closet out to the door. This wiring is run separately from the other communications wiring in a building and is singular in purpose. With IP access control, the wiring to the door is the same wiring used for the computers, phones, and IP cameras. Being able to combine the access control communications cable installation into a larger wiring contract leads to a lower cost per door. In the instances where an existing access control system is in place, IP access control can be layered on top of it for new doors, which means a forklift upgrade is not always necessary. MYTH 6: CUSTOMERS SACRIFICE FUNCTIONALITY WHEN THEY MOVE TO AN IP-BASED ACCESS CONTROL SYSTEM.
In an edge approach, IP-based distributed processing allows for modular and economical system expansion dependent on power over the Ethernet.
block unauthorised access to the network (and devices) should be employed, whether it is through a local connection or virtual private network (VPN). With any Ethernet connection, care must be taken not to expose the connection in unprotected environments (like on the outside of a perimeter door). This is just good common sense. With IP access control, you have the option of separating the reader from the controller without losing any functionality, and gaining the
De-myth: On the contrary, IP access control has more benefits and functionality than traditional access control. Both systems use a server as a host computer and all of your features and functionality will generally be the same. However, while most traditional access control does not allow for bidirectional communications to the door, TCP/IP does such communications. Functionality like writing to smart cards and driving LCD displays is not possible with Wiegand wiring. Predictable cost per door is another benefit of IP access control. With traditional access control using multidoor controllers, the first door is always more expensive than the second because the controller is part of the cost of the first door. With IP access control, each
door gets the same components so the cost is fixed for each door. MYTH 7: INTEGRATED SYSTEMS ARE FINE; UNIFIED SYSTEMS (ACCESS CONTROL AND VIDEO SURVEILLANCE) ARE OVERRATED, UNPROVEN De-myth: Integration means only that two products work together. ‘Unification’, on the other hand, means a single, multi-functional application with unified security, administration, log-ins, and unified responses to events along with fully coordinated failover capabilities. In this increasingly integrated, converged security world, the next evolutionary step is inevitably greater unification of systems and capabilities – seamless operation back and forth between, for example, access control and video. If both systems are unified into one application the overall benefits to the end-user are even greater and more farreaching than anything simple integration has provided up until now. Unification solves many shortcomings that exist with integration. Integrated systems require logging into the separate systems to programme coordinated responses to system events. Failure to programme either system properly can result in unpredictable results and neither system can detect the programming inconsistency and warn the user. Technical support teams are often not able to resolve the problems efficiently because they are not aware of the inconsistencies, thus increasing the total cost of ownership and system downtime. As long as these systems are kept separate and joined only by integration, there will always be two different road maps with two different agendas. Only when you start to think about these two applications as unified do we create true value to the end-user and the installer. IT’S AN IP-TO-THE-DOOR FUTURE Following a similar path or evolution as IP video, IP access control is now gaining wider market acceptance and is being implemented in some of the largest new installations worldwide as well as in retrofit installations. In the future, unified platforms will grow into powerful solutions when combined with information security, business continuity planning and data/ content analysis. \\ egov
MAY 2010
45
SHOWCASE
AADHAAR: The Unique Identity OVERVIEW The Unique Identification (UID) project, headed by Shri Nandan Nilekani, has been renamed ‘AADHAAR’, which means foundation or support. On 26th April, 2010 in New Delhi, Nilekani unveiled a new logo for the Unique Identification Authority of India (UIDAI), which aims to give the 1.2 billion residents of the country a unique 12-digit identification number. The UIDAI logo depicts a yellow-coloured sun with a fingerprint in the centre. The logo was selected after a nationwide competition that received 2,000 entries. The brand name and logo for the unique numbers have been developed keeping the transformational potential of the program in mind. Together, they communicate the essence and spirit of the UIDAI’s mandate which is to issue every resident a unique number across the country. The word ‘AADHAAR’ is present across most Indian languages and can therefore be used in branding and communication of the UIDAI program across the country. AADHAAR will be a foundation for the effective enforcement of individual rights. A clear registration and recognition of the individual’s identity with the state is necessary to implement their rights – to employment, education, food, etc. The number, by ensuring such registration and recognition of individuals, would help the state deliver these rights. The logo design for the number helps reinforce the message of AADHAAR – a universal foundation. As Shri Nandan Nilekani, Chairman of the UIDAI notes, “The name ‘AADHAAR’ communicates the fundamental role of the number issued by the UIDAI: the number as a universal identity infrastructure, a foundation over which public and private agencies can build services and applications that benefit residents across India” 46
www.egovonline.net
The design, which has been selected as the logo for AADHAAR, is a sun in red and yellow, with a fingerprint traced across its centre. The logo communicates the vision for AADHAAR. It represents a new dawn of equal opportunity for each individual, a dawn which emerges from the unique identity the number guarantees for each individual. The sun in the design represents AADHAAR’s potential. As Shri Ram Sewak Sharma, Director General of the UIDAI, notes, “The sun symbolizes a promise Shri Nandan Nilekani that shines on all residents Chairman equally – the number would Unique Identification Authority of India enable access to services and resources for everyone, including people processes around enrolment and who have long been disadvantaged, verification procedures to be followed such as marginal groups, migrants, and to enroll residents into the AADHAAR women and children.” The fingerprint system. The UIDAI will also design and within the sun indicates that the promise create the institutional micro-structure of AADHAAR stems from its uniqueness. to effectively implement the policy. This The positive changes enabled by will include a Central Identities Data AADHAAR, emerge from the resident’s Repository (CIDR) that will manage ability to clearly prove their own unique the central system and the network of identity through the number. registrars who will establish resident The UIDAI has been allocated Rs 1,900 touch points through enrolling agencies. crore for the financial year ending March The UIDAI will also be collecting the 31, 2011, of which Rs 1,300 crore will following data fields and biometrics for be used to enable the registrars to enroll issuing AADHAAR, the unique number: people in the system and the remaining • Name Rs 600 crore will go towards the setting • Date of Birth up of the IT infrastructure. Gender • Father’s/Husband’s/Guardian’s • APPROACH Name and AADHAAR number Mother’s/Wife’s/Guardian’s Name • The model that UIDAI envisions will and AADHAAR number have the reach and flexibility to enroll • Introducer’s Name and AADHAAR residents across the country. The UIDAI number (in case of lack of as a statutory body will be responsible documents) for creating, administering and enforcing • Address policy. It will prescribe guidelines on • All 10 fingerprints, photographs and the biometric technology, the various both Iris scans
The UIDAI will partner with a variety of agencies and service providers to enroll residents for AADHAAR numbers and verify their identity. The UIDAI will enter into Memorandum of Understanding (MoU) with individual registrars and enable their on boarding with the AADHAAR system. The UIDAI will also enter into agreements with some registrars for using the CIDR, solely for authentication purposes. Such registrars may include State Governments, state PSUs, banks, telecoms etc. The service providers who will adopt the AADHAAR system for identity authentication during service delivery will follow certain processes and standards and may need to re-engineer their internal processes. A critical aspect of the AADHAAR enrollment process is that enrollment will not be through a mandate but will be demand-driven. The momentum for the AADHAAR will come from residents enrolling in order to access the benefits and services associated with it. The basic advantage of the AADHAAR is that it will be one number that can be used to prove identity for life. Once the resident gets the AADHAAR, it may be accepted as identity proof across service providers. ENROLLMENT PROCESS FOR RESIDENTS The enrollment process for the AADHAAR number will begin with a resident submitting his/her information to the enrolling agency with supporting documents. This information will be verified according to the prescribed verification procedure. To make sure the poor are not excluded, the UIDAI has prescribed guidelines for applicants without documents. Once the enroller verifies the resident’s information it will submit the application request through the registrar to the CIDR. The CIDR will then run a de-duplication check comparing the resident’s biometric and demographic information to the records in the database to ensure that the resident is not already enrolled. The fact that the AADHAR system is both de-duplicated and universal will discourage residents from giving incorrect data at the time of enrollment. To reach millions and to include an estimated 410 million people living on less than $1.25 a day, UIDAI is working closely with Census 2011 survey, as well as local
government bodies and NGOs. With an estimated 75 million people homeless and millions others criss-crossing the country as migrant workers with little or no documentation, the UIDAI has a challenge to include all in the system and issue the unique number to them. “The UIDAI will not make the number mandatory, but it is up to the registrars to make it mandatory or not. We are also taking iris as a biometric, besides the ten fingerprints, because, in children, the fingerprints do not take form till six years of age. Also, labourers’ fingerprints get worn out,” explained Nilekani. ISSUING THE AADHAAR NUMBER The first AADHAAR numbers will be issued over the next 12-18 months counted from August 2009. The first number would be issued between August 2010 and February 2011. Over five years, the Authority plans to issue 600 million AADHAARs. The numbers will be issued through various ‘registrar’ agencies across the country UIDAI was allocated a sum of Rs 120 crore in last year’s budget and Rs 1,900 crore this year. The AADHAAR project is estimated to offer IT companies a Rs 15,000-20,000 crore opportunity, as it sets to build an ecosystem around the project, comprising biometrics, databases, smartcards, storage and system integration. Once the AADHAAR number is assigned, the UIDAI will forward the resident a letter that contains his/her registered demographic and biometric details. If there are any mistakes in the demographic details, the resident can contact the relevant registrar/enrolling agency, as per the prescribed procedure. If the registrar issues a card to the resident, the UIDAI will recommend that the card contain the AADHAAR number, name and photograph. PROTECTING PERSONAL INFORMATION OF RESIDENTS Even as the UIDAI stores resident information and confirms identity to authenticating agencies, it will have to ensure the security and privacy of such information. By linking an individual’s personal, identifying information to a AADHAAR, the UIDAI will be creating a transaction identity for each resident that is both verified and reliable. This means
that the resident’s identity will possess value, and enable the transfer of money and resources. BENEFITS Apart from the obvious function of being an identity proof for Indian residents, AADHAAR will provide the identity infrastructure for ensuring financial inclusion across the country – banks can link the unique number to a bank account for every resident, and use the online identity authentication to allow residents to access the account from anywhere in the country. A vast majority of villages do not have the means to withdraw/deposit money, while ATMs are available in the urban areas. “Making payments possible to the poor at the point where they live is an important part of financial inclusion” says Mr Nandan Nilekani. With the AADHAAR project intending to provide online authentication of an individual, it would lay the foundation for inclusive growth as banking could be taken to the people. With the Reserve Bank of India planning to have ‘Business Correspondents’ (BC) in every village, the latter would be provided mobile phones and fingerprint readers. The online authentication for any person can be done in just a few seconds for a transaction. The Business Correspondent would act like a mobile ATM and a person can go to any BC in the country to withdraw/deposit money into their account. The Business Correspondent only has to verify the authenticity of the AADHAAR number through the phone and he will be in the position to provide basic banking services to any individual. The backend operation of this transaction can be conducted on the existing platforms of ATM, Internet or mobile banking. Mr. Nilekani said that this is how a platform can be created for extending banking services to to the poor using affordable and existing technologies. The UIDAI would come out with standards for banks on how they could make their systems ready. The number will also allow individuals to confirm through AADHAAR-linked biometric verification, if the services that were targeted for them actually reached them; it will also enable the government to confirm eligibility of beneficiaries for welfare services. \\ egov Team egov
MAY 2010
47
ov
get noticed... In the eyes of decision makers in the Government
Presents India’s 1st Directory on ICT in Government Watch out for the 2nd edition in August 2010 Segments Covered Biometric/RFID
Virtualization
Security
e-Procurement Solutions
Financial Management System
Financial Inclusion
Broadband Equipments
Mobility
Infrastructure Management
Storage/Server/ Data Centre
Consultants
Power Solutions
Cloud Computing
Networking Solutions
Video Conferencing Solutions
Printers & Peripherals
ERP
e-Governance Solutions
Internet Service Providers
Open Source
VSAT
Cooling Solutions
Display & Presentation Solutions
PCs/Laptops
Telecom Towers
Issue will be released at eINDIA 2010 www.eindia.net.in/2010
REASONS TO PARTICIPATE Distinct Visibility Detailed Segmentation & Positioning opportunity
Focussed Reach egov goes extensively to the decision makers in the Central Government/State Governments/Municipalities/PSUs/Banks
One Year Shelf Life egov IT Directory is one of its kind, year long reference book for all the stakeholders in e-Government For advertising details, contact elets Technomedia Pvt. Ltd.,G-4 Sector 39, Noida Debabrata Ray, debabrata@elets.in,+91-9899650692 Anuj Agrawal , anuj@elets.in,+91 9911302086
NEWS
INTERNATIONAL
CANADA PLANS TO LAUNCH e-PASSPORT IN 2012 The new e-Passport will contain an electronic chip encoded with the bearer’s name, gender, and date and place of birth, as well as a digital portrait of the traveller’s face. The use of e-Passports will allow Canada to follow international standards in the field of passport security to protect our borders and maintain the ease of international travel that Canadians currently enjoy. With the launch of the new passport, Canadians will also be able to choose whether they want a passport valid for 10 years or for the current five-year period.
FIRST e-SECURITY CENTRE ESTABLISHED AT OMAN The sultanate of Oman has established for the first time a focal point of contact for any ICT security breach in the country. The Oman National Computer Emergency Readiness Team (OCERT) will provide accurate and timely information on current and emerging security and vulnerabilities. Another key objective, was to detect security incidents affecting the country’s information assets and initiating emergency responses. The Oman National CERT is a part of the e.oman vision to transform Oman into a knowledge society. Growing security risks requires concerted efforts and working together to address these risks and threats.
GOVERNMENT OF NAMBIA JOINS HANDS WITH PRIVATE SECTOR ON ICT A new structural expansion of the Ministry of Information and Communication Technology (MICT) will be effected to strengthen government’s capacity to promote Information and Communication Technology (ICT). The ICT sector contributes a significant two percent to the Gross Domestic Product (GDP), with more potential for growth and addressing unemployment and poverty. Namibia’s global development index ranking is low also because of the unimpressive level of ICT roll-out, skills and usage.
BANGLADESH TO PRIORTISE MORE INTERNET CONNECTIONS Internet access still remains far below demand in Bangladesh. The challenge is to much widen access among users who would make best use of it. For Bangladesh, the priority should be to provide Internet access to academic institutions and intellectual communities. Using the Internet for productive purposes and real benefits is the main issue. The high service charged by the providers, a weak telecommunication system, deficient government policies and low buying power of potential clients are major barriers. But a more congenial and rational government policy may help improve the scenario. This will encourage more providers and will ensure healthy competition among them, ultimately
reducing the online charge and improving service quality. Unless more competitors, more investments, and more innovations are encouraged in the field, Internet usage and its benefit will not increase substantially. The government may introduce lucrative consumer loans and give more incentives for people to have their own connections.
JAPAN TAKES IN e-GOVERNANCE MODEL FROM SOUTH KOREA South Korea has struck an historic deal to sell its eGovernment model to J a p a n . Korean IT companies have sold e-Government systems to local governments in Japan
since 2004. But this is the first such deal between the two countries’ central governments. As the two countries has similar administrative system, the Japanese government hopes to acquire the Korean technology that integrates the e-Government systems of central and local governments, which can be easily imported by Japan Japan has experiences difficulties setting up and managing e-Government systems; investments made by central and local governments have often overlapped. Korea has had similar problems in the past, and has gone a long way in solving the issue.
ONLINE GOVERNMENT SERVICES TO BE ENHANCED IN UAE Resolution assigned the telecom regulatory body to supervise the eGovernment project His Highness Shaikh Mohammad Bin Rashid Al Maktoum, Vice-President and Prime Minister of the UAE and Ruler of Dubai, issued a resolution incorporating the General Information Authority (GIA) into the UAE’s Telecommunications Regulatory Authority (TRA) to improve online government services and enhance e-Government infrastructure. The resolution assigned the telecom regulatory body to supervise the e-Government project, suggest a strategic plan and policies related to the UAE Federal e-Government, and suggest legislation and the organisational framework and regulations related to online services. The TRA is also tasked to set policies and principles regulating to government information technology, manage e-Government initiatives and follow up on their implementation. egov
MAY 2010
49
QUOTE/UNQUOTE
BYTES FROM SECURE IT EVENT HELD ON 4TH MARCH 2010 NEW DELHI Ashwini Kumar, Central Bureau of Investigation (CBI), Director spoke to egov on the the technological intervention in enhancing the state of public safety and security in our country. He noted the public is concerned about the whole cyber space and the IT security as they are insecure and feel their identity and the data is unsafe and might be lost. He emphasised there is a need to keep the police informed that the Internet and the cyber space are controlled by the government, further which is controlled by the agencies which are purely ethical and truthful and are working for the betterment of the public. He noted that the people who have a vested interest in interfering in the cyber space are very few. He further informed the government and the public that the Internet is in secure hands and the CBI will do everything possible to ensure that it remains secure.
B C Nayak, Oil and Natural Gas Corporation Limited (ONGC), Director in conversation with egov on the security scenario in the country highlighted a lot has changed after the Mumbai attacks, still the possibility of the attacks from across the border cant be ruled out. All the possible measures have to be taken into consideration to avoid any occurrence of such things in the future. He informed in the wake of 26/11, awareness has come in a big way and there has been a change in the attitude of the police and in the use of the security gadgets. He pointed that tremendous demand for security gadgets has increased all over as gadgets are far more reliable than human beings; but it is equally important to train men behind the machines. There has to be a judicious mix of men and machines to upgrade the security. Key issues which he talked of under cyber security are, the policy framework which has to be implemented all over, it is equally important to ensure that the public is well informed and aware of the policies. He further added that the training of the personnel who are to use the IT security policies is important to ensure the laws are implemented in a proper way.
FLIP SIDE by Santulan Chaubey
50
www.egovonline.net
RNI NO. - UPENG/2008/25234
UP/GBD - 71/2009-2011
Nominate for
1
AWARDS
and
Stand Out Awards will be conferred at
1 India's Largest ICT Event
6th
4th - 6th August 2010 Hyderabad International Convention Centre www.eINDIA.net.in
Nominations can be made online at www.eINDIA.net.in/awards/2010 For more information, contact: Sheena Joseph email: awards@eINDIA.net.in; Mob +91 – 9971841718 Ph: 0120-2502180-85 Fax: 0120-2500060