Swaabhimaan Day 3, E-governance, Transaction Security
Swaabhimaan 2066, day 3
E-governance
The day 3 of the Swabhimaan has started late due to some problems.
Today e-governance track has 4 sessions.
1. Standardization of Data & Namenclature for eGov Service
3. National Citizen Database
4. Transaction Security
Session 1st:- Transaction Security
The sesssion was started by chairman and told aabout the transcation security and its needs.
Title- Office of Controller of Certification
By:- Rajan Raj Panta
Government of Nepal
Ministry of Environment, Science & Technology
==> His paper content
a. Electronic Transaction
b. Secure Electronic Transaction
c. Digital Signature
d. Set-up Requirement
e. About OCC
f. ETA 2063
Electronic Transaction incudes simple corresponding like mail to Business Transaction
Education Transaction,Travel Trade Transaction,Government Transaction,Financial Transaction.
Most popular example is the E-commerce and online trade. Electronic money
has afffected Nepal. Credit Card System can be used for the shopping or other
transaction. After doing all these the elecgronic settlement needs to be made.
The problem is that the system or payment done is not authenticated. The negative
part should be authenticated. The security issue is the main thing and the unauthorized
access sholud be blocked. He clarified by giving an example of Bankok hotel and the
payment done by the person. His money was lost from his account within 20 mins he has
out from hotel. The confidentiality should be kept so that the info can be protected.
#how to make the electronic transaction secure and safe.
There may be different types of the electronic transaction such as finacial, educational and many more.
the most common type of electronic transaction is e-commerce. he also focused in the atm as the
electronic transaction. how the money is exchanged between client and the bussiness
man can made the safe transactionl. both the buyer and the seller is unknown so that it is
great task to make identification. the security system comes here to be safe and secure. there may
be different issues for the theft of the security key. how to make this transaction safe and be
private so that unauthorized person cannot access these key.
concept of the security.
use of thee differnt security tools, persons for performing the task, technical problems solu tion
should be planned before provideing it. it should be immediately solved if any problem appers
Signature is proof of identity or used to represent the intention of informed consent.
Why digital signature required?
He gave clear difference between the manual and digital signatures. He gave problems
with paper based signatures. The paper based signature can be changed easily and all
the signatures of a person may not match exactly.The signature of the person cannot be
identified easily. It is difficult to detect fraud.
He made idea clear about "Can't I just use an image of my signature and be done with it?"
The image can be copied and can be repeatedly used.
if there is an manual signature we can modify it easliy. there is no any identification method
whether the receiver get the document send by the sender or not. there is no any assurance that if the
user make different signs that shouldn;t be the same. if the paper is lost then there is the real
contraction appears.
solution for this may be the copy of the text image into the digital form by sc anning
is this the right solution:
no there may be differnt problems such as theft, duplication and unauthorized used.
Differences between paper signature vs digital signatures.
Parameter Paper Electronic
Authenticity May be forged Can not be copied
Integrity Signature independent Signature depends on the contents of the document
Non-repudiation Handwriting expert needed Any computer user
Error prone Error free
Electronic record are very easy to make and can be copied at any time so the security
should be maintained.The code is taken as the signature. Trusted software is used
to authenticate using PKI(Public Key ) method. It contains two keysL-
1. public key -
2. private key - sholud'nt be made out.
#how digital signature works
sender sends the message with the public key when he enters the private key then the message and the
signature goes with each other such that public key is encrypt with the hash function and the receiver
decryption it with the software and compare both the public key if it is varified then it is sure that the sender
is the owner who wants.
#certfication authority
Sthis is the most important part of the egov, they are the gov assigned agency who assigns the
digital signature to the public.
"The Electronic Transactions Act (ETA) provides a uniform state legal framework for
electronic transactions. This gives them the same legal weight as equivalent paper
based processes and wet signatures."