The Sultanate of Oman National ID Program

Similar documents
Case Studies. National Identity Management Commission (NIMC), Nigeria eid Consulting for national ID system

Smart Tiger STARCHIP SMART TIGER PAYMENT PRODUCT LINE. Payment. STiger SDA. STiger DDA. STiger DUAL

The Leading Provider of Identity Solutions and Services in the U.S.

SECURE IDENTITY MANAGEMENT. Globally recognised identity management expertise

PRIME IDENTITY MANAGEMENT CORE

Request of Expressions of Interest For Information Technology Consulting Firm

The Convergence of IT Security and Physical Access Control

THE LEADING EDGE OF BORDER SECURITY

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

Schlumberger PKI /Corporate Badge Deployment. Neville Pattinson Director of Business Development & Technology IT & Public Sector

End-to-end security with advanced biometrics technology

End-to-end security with advanced biometrics technology

CRESCENDO SERIES Smart Cards. Smart Card Solutions

Good Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals

addressed. Specifically, a multi-biometric cryptosystem based on the fuzzy commitment scheme, in which a crypto-biometric key is derived from

The Convergence of IT Security and Physical Access Control

SOLUTIONS FOR HEALTHCARE PROFESSIONALS AND GOVERNMENTS

IDENTIFICATION Morpho Driver s license Solution for governments and road traffic authorities

More Power and Performance With Each Printed Card

BALI MINISTERIAL CONFERENCE AD HOC EXPERTS' GROUP II REGIONAL WORKSHOP IDENTITY MANAGEMENT: CHALLENGES AND OPPORTUNITIES FOR COOPERATION

The National Number and the Automation of the Civil Records Project Ministry of Interior Administration of Civil Records

Coesys Border Management

Michigan Criminal Justice Information Network (MiCJIN) State of Michigan Department of Information Technology & Michigan State Police

Michigan Criminal Justice Information Network (MiCJIN) State of Michigan Department of Information Technology & Michigan State Police

Defending the Internet of Things

Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006

Legislative Council Panel on Security. The Next Generation Smart Identity Card System

Privacy by Design The case of Automated Border Control. Authors: Pagona Tsormpatzoudi, Diana Dimitrova, Jessica Schroers and Els Kindt

PIV Scheduler Tool. Screen Shots from May 1, :00am Eastern

Company Overview. Iraq: Activities & Experience

Biometrics in Identity as a Service

Worldwide Smart Card Implementations using GlobalPlatform Standards

Biometrics for payments. The use of biometrics in banking

Category: Nomination for NASPE s Eugene H. Rooney, Jr. Award Innovative State Human Resource Management Program

Agency Information Collection Activities: REAL ID: Minimum Standards for Driver s

White paper. Implications of digital certificates on trusted e-business.

Changes in Schengen visa application process

Global Headquarters: 5 Speen Street Framingham, MA USA P F

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

Role Based Identity and Access Management Basic Infrastructure for New Citizen Services and Lean Internal Administration

IDaaS: Managed Credentials for Local & State Emergency Responders

Optical Memory Cards in Federal Government

Converged Smart Card for Identity Assurance Solutions. Crescendo Series Smart Cards

CONDIS. IT Service Management and CMDB

IBM Software Universal Health Identifiers: Issues and Requirements for Successful Patient Information Exchange

esign FAQ 1. What is the online esign Electronic Signature Service? 2. Where the esign Online Electronic Signature Service can be used?

IDENTITY SOLUTIONS END-TO-END SYSTEMS SOLUTIONS TO PROTECT IDENTITIES AND SECURE ACCESS FOR A MOBILITY WORLD

Provincial IDIM Program BC Services Card Project Identity Assurance Services Solution Architecture Overview

Application of Biometric Technology Solutions to Enhance Security

Information Technology Policy

Authentication: Password Madness

Audio: This overview module contains an introduction, five lessons, and a conclusion.

ELECTRONIC SIGNATURES FACTSHEET

Physical Security: A Biometric Approach Preeti, Rajni M.Tech (Network Security),BPSMV preetytushir@gmail.com, ratri451@gmail.com

Veridos Protects Identities. The expert for worldwide government solutions

solutions Biometrics integration

ACI - NA PUBLIC SAFETY & SECURITY FALL CONFERENCE 2012 AVIATION BADGING EFFICIENCIES

Moving to Multi-factor Authentication. Kevin Unthank

Online Licensure Application System (OLAS): Nursing Licenses Faster and Easier

FOUR PILLARS FOR A SUCCESSFUL PIV ECOSYSTEM

MiCJIN. Software Systems and Services Available. Michigan Criminal Justice Information Network

1 Building an Identity Management Business Case. 2 Agenda. 3 Business Challenges

Strong Authentication: Enabling Efficiency and Maximizing Security in Your Microsoft Environment

European Electronic Identity Practices

Mobile Driver s License Solution

A Look at Maryland s Early Childhood Data System

إجراءات التسجيل تعبئة االستمارة. Emirates Identity Authority خصائص البطاقة. Card Features توصيل البطاقة شكل البطاقة. Mobile Registration

The identity card program in Belgium

An Operational Architecture for Federated Identity Management

Examples of Large Scale Biometrics Systems:

INTRODUCTION AND HISTORY

e Governance ULB Level Reform

Sub- Regional Workshop and Consulta;ons on Capacity- Building in Travel Document Security: Colombia, 2013

Provide access control with innovative solutions from IBM.

DEPARTMENTAL REGULATION

Border control using biometrics in Japan. September 2008 NEC Corporation/Daon

We make cards and payments work for people as a part of everyday life. We bring information to life

Coesys Border Management

PKI Deployment Business Issues

A Tradition of Excellence

SmartPay 2. Highway Contract Route Contractor Guide Voyager Fleet

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics

Oracle Identity Management Concepts and Architecture. An Oracle White Paper December 2003

HSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006

TAKING A HOLISTIC APPROACH BEST PRACTICES FOR OVER-THE-COUNTER GOVERNMENT ID CARD PROGRAMS. Mary Olson, Senior Marketing Manager, Citizen Solutions

Transcription:

The Sultanate of Oman National ID Program CASE STUDY GlobalPlatform technology delivers the first smart card-based citizen ID program ever to be deployed in the Middle East Overview In October of 2002, local Omani authority, the Royal Oman Police (ROP), together with His Majesty the Sultan launched the first smart card-based citizen ID program ever to be deployed in the Middle East. Their aim was to enhance the country s identification processes while also improving its IT infrastructure, providing better, faster and more accurate public services for its citizens, together with higher levels of security. Previously, the Sultan of Oman had no citizen registry in place, making it very difficult to provide efficient services for it citizens and achieve adequate identification of its population. This situation was exacerbated by the fact that a large percentage of the population included noncitizens, merely residing in Oman. It was decided that there existed a need for a more robust identification system enabling the authorities to maintain accurate, clean population data and to be able to more easily keep it updated. The main objectives of the program were to: Modernize the National Registry System (NRS) Simplify and speed up administrative processes Provide better qualitative public services to Omani citizens and residents Engage and promote the usage of IT technology and e-government facilities Increase Homeland Security The creation of the NRS is an integral part of Oman s ID program and will act as the pillar of the country s future e-government initiatives. Oman s government decided to renew the NRS in line with a new legislation act (the Royal Decree 66/99, propagated in October 1999) in accordance with its strategy towards country modernization. The NRS is the central population database that allows the country to build a record with data collected from different databases where data is stored per category (for example, pictures, fingerprints, demographic information etc). Through the NRS, authorities will be able to register details for each Omani and foreign resident in a single centralized system. The objectives of the NRS were to: Set the foundation for a modern and secure infrastructure based on the new NRS and smart ID card system Prepare the migration of the country to efficient and secure on-line services contributing to decentralization and proximity to citizens Engage in a new census of the population being able to know who is an Omani citizen and who is a resident of Oman (Prior to revitalizing the NRS, Oman only had records for around 20% of the entire population). One challenge facing the implementation team involved linking the new system to an existing system that supports legacy applications for Drivers Licenses and Immigration including passport management and border crossing applications. A two-way synchronization of the data shared by these systems needed to be developed. In addition, data migration was required in order to populate the new databases that existed with the new system. Page 1 of 5

Development of the Solution Initially the scope of the National ID card will support three applications: The Identity application which holds personal credentials including biometric information (photo and two fingerprints) Driver s license application Border control application The new modern system utilizing Java CardÔ technology and a PKI application will rapidly extend this scope to secure exchange in e- government applications. Initially a limited number of government employees will use public-key cards for secure email and government network access. Additional e- government applications that could eventually take advantage of PKI technology include strong authentication on e-government portals to access services for healthcare, driver s license and electronic voting. Gemplus was awarded the contract to deliver this first Middle Eastern smart card-based identity solution, providing project management and integration, as well as services, software and cards to the Sultanate of Oman. Gemplus goal, managing the project, is to streamline and increase the quality of public services through the automated citizen ID system. The GlobalPlatform technology employed by Gemplus includes GlobalPlatform s Card Specification v2.0.1 and Multiple Application Smart Card Management Systems Functional requirements v3.4. The GlobalPlatform Card Specification v2.0.1 is a standard that provides a common security and card management architecture that protects the most important aspect of a chip card system investment the infrastructure. The original RFP issued by the Royal Oman Police clearly requested that the card platform must be based on open Java Card technology, so Gemplus consequently proposed their latest Java Card platform compliant with Java Card 2.1 and GlobalPlatform Card Specification version 2.0.1. Sagem was subcontracted by Gemplus to provide the fingerprint biometric technology for the ID cards. The ID cards, complete with biometric recognition, can be checked by both portable terminals and by automatic electronic validation, for example, at airport immigration checkpoints. Other companies involved in the overall solution to the Oman Government include Datacard Group, who provided the personalization equipment for the cards and GBM for the IT infrastructure. The Implementation / Solution Gemplus selected its secure ID solution, ResIDent for the Sultanate s smart ID card system as it encompasses all the products and services the Sultanate required. It is based on Java CardÔ, ISO and PKI standards, providing a secure, flexible and user-friendly tool for delivering services to and identifying citizens in both physical and digital environments. The versatile open platform provides capabilities for smart card-based border control, driver s license programs, healthcare and e-government applications. It delivers a complete and fully integrated smart ID card system designed for nationwide ID programs such as the Sultanate of Oman s ID program. While the program was launched in October 2002, initial roll-out of cards to Omani citizens did not begin until January of 2004. By the end of March, 2004, nine (9) regional offices had been deployed. Due to the fact that this is a face-to-face enrollment and issuance process, the system did not start using a mass roll-out. Enormous progress was made however, with the ROP deploying 100,000 ID cards in a seven Page 2 of 5

month period, by August 1 st, 2004. This has been a great achievement especially considering that during the first 6 months, not all regional offices had been opened and this initial period was used to improve efficiency of officers operating the system. They have set themselves a target to issue 250,000 300,000 ID cards per year. While there are approximately 2.7 million citizens in Oman, total deployment will be in the vicinity of 1.2 million cards as ID cards are issued to only those over the age of 15. Oman s citizens and residents will be able to store their personal credentials including their name, address, digital photo ID and fingerprints securely and conveniently on the cards. Gemplus has been able to regulate the complete ID card process cycle, from enrollment to delivery, to less than 30 minutes, enabling the ROP to issue as many cards as possible in an efficient time frame. With Gemplus initially managing the undertaking, the project is on track and handover to the local authorities has been done in terms of operation, through extensive IT training and skills transfer programs. As Gemplus is responsible for maintaining and supporting the system for five years, a small project team remains to work alongside the ROP, supporting their operation and adding new features where required. As a result, modifications and upgrades are due to be delivered by the end of 2004 to fulfill new requirements. Some interesting facts and figures regarding this project include: 1 centralized Citizen registration solution 1 SCMS for managing the card life cycle of the GlobalPlatform card PKI based solution 12 decentralized local personalization centers (personalized issuance solution) 24 ID card enrollment desks 23 smart card personalization machines 17 issuance desks (delivery of the ID card) 254 mobile biometric devices distributed by the police station 6 e-gates in 1 airport (for pilot) The Benefits Both the Omani Government and its citizens will benefit from the establishment of its secure nationwide ID program. Increased Homeland security was one of the main objectives and this will be achieved via the biometrics-based border control applications and securing authentication of citizens and residents traveling in and out of the country. At the same time, a reduction in identity fraud is accomplished due to a combination of biometrics and security features printed on the card body itself making it extremely difficult to forge, duplicate or counterfeit the ID card for fraudulent use of citizens identity and personal data. Durability and versatility of the ID documents is also a consequence of the program with the ID card comprising of a highly durable body, utilizing state-of-the-art security printed features such as Guilloches, OVI, secured holograms and others, enabling a very long card life cycle. Besides implementing a stronger means of identification to its population, the introduction of the smart ID card requires a revamping of the country s entire IT infrastructure in order to deploy and use the technology to its fullest. Additionally, through expanding the services offering to Oman s population with various Internet-based applications, the program also imposes that more people start using computers on a regular basis, enhancing the nation s overall IT skills. Results The Sultanate of Oman s goal of providing better, faster and more accurate public services Page 3 of 5

for its citizens together with higher levels of security, including biometrics is well underway. In the first seven months of the smart ID program being rolled out, 100,000 cards have been issued. 12 regional offices have been established around the country and 24 enrollment desks for ID card issuance and updates have been instituted. The regional offices manage the enrollment of citizens and/or expatriates, and are in charge of personalization and issuance of the ID card. Results will continue to be monitored and reported as the program continues and the citizens provide feedback. Lessons Learned / Moving Forward While the project is still progressing, both Gemplus management team and the ROP have learnt many lessons that are now being applied during the final stages of issuance and further into maintenance and supporting stages. ID projects are very complex and as such, expectations for execution times may need to be adjusted. In terms of time frames that Gemplus has experienced, 12 to 24 months is generally required for preparing RFI, RFP and suppliers to selection and award of contract. An additional 12 to 24 months can be expected for designing and setting up the system before the first card is even issued. For more heavily populated countries, involving many different departments and decision makers, this process can take longer. Gemplus also advises to pay close attention processes, policies and integration with legacy systems. In order to satisfy one of the ROP s initial objectives of engaging and promoting e- Government applications, Gemplus is developing PKI-based digital signing of e- government transactions. Healthcare services as well as electronic voting are two web-based applications planned for the public. Additionally, government employees will be able to utilize the card securely and efficiently for secure network access and email exchange. Driver s licenses and work permits for expatriots will also be included in future applications using the smart ID card. Currently the only post-issuance operations involves the ability to update information on existing applications details such as address, marital status and other personal details. With the development of the some of the e- government applications, post issuance will be a continuing part of the process. The Sultanate of Oman has recognized that smart card technology provides the ideal means to manage personal credentials and to provide a secure, reliable and flexible platform for public services and security. Learning from the experiences of other nations, Oman has adopted a state-of-the-art open and flexible solution that is capable of standing the test of time. As more cards are being rolled out, opportunities for improvements and additions have been identified and are currently being worked upon. Mainly involving additional ID applications on the card, Gemplus is now working with the ROP to accomplish these. Page 4 of 5

Sources Gemplus website - www.gemplus.com - Press Center Carl Norell Gemplus Public Relations (email communication) Gemplus Project Manager (personal communication) Gemplus ResIDent Product information Royal Oman Police Website www.rop.gov.om Page 5 of 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information