1 / 9

Intra-ASEAN Secure Transactions Framework Project Progress Report

Intra-ASEAN Secure Transactions Framework Project Progress Report. Chaichana Mitrpant chaichana @etda.or.th. Project Information. Support AIM 2015 under Strategic Thrust 2 :People Engagement and Empowerment Initiatives 2.4 : Building Trust

hyacinth-david
Télécharger la présentation

Intra-ASEAN Secure Transactions Framework Project Progress Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Intra-ASEAN Secure Transactions Framework Project Progress Report ChaichanaMitrpant chaichana@etda.or.th

  2. Project Information • Support AIM 2015 under • Strategic Thrust 2 :People Engagement and Empowerment • Initiatives 2.4 : Building Trust • Action : Promote Secure transaction with in ASEAN • Description : Promote the use of two-factor authentication

  3. Intra-ASEAN Secure Transactions Framework Project • Scope of work • Status update on : Laws, Policies, Regulations related to e-signature , certification • Propose e-authentication recommendation for Intra-ASEAN secure electronic transactions • Methodology • Desk Research : Review from the data available to public • Questionnaire Survey : Distributed to 10 ASEAN member countries • Period : 1 year • Budget : 10,000 USD

  4. Executive Summary • Three main components of e-authentication have been identified as follows: • Assurance Levels and Risk Assessments – Levels of assurance are defined so that different levels of importance of getting e-authentication right can be distinguished. • Identity Proofing and Verification – For each level of assurance, an objective of authentication and a set of controls are defined. Then details about identity proofing and verification methods are provided for the registration process. • Authentication Mechanism – Different token technologies are listed and mapped to the levels of assurance. Moreover, how identity should be managed is recommended.

  5. Executive SummaryStandards and Best Practices

  6. Executive SummaryAssurance Levels and Risk Assessment

  7. Executive SummaryIdentity Proofing and Verification Approach

  8. Executive SummaryExamples of Token Types for Different LoAs

  9. Needs for ASEAN Legal Infrastructure The cooperation among Member States is necessary in creation of the legal framework for Information Technology Legal Infrastructure development to be in equivalence and conform to international principle especially in the following matters: • Legal Infrastructure for Cross Boarder Electronic transactions • Principle on organization or unit for supporting and controlling the reliance on Electronic Transactions • Clear policy relating to Authentication technology in Electronic Transaction • Clear and appropriate principle on Identification and Authentication in Electronic Transaction, for example, the principle that allows a Certification Authorities (Foreign CA) to issue foreign digital certificate • Relevant measurements regarding data confirmation, such as, Electronic Signature and the responsibility of data owner for the accuracy of data. • The principle on Personal Data Protection, including the principle on a request of data in Authentication system in Cross Boarder Transaction by authority or relating person, or data sharing between Government Sector and Private Sector.

More Related