Uploaded byTech_MX
PPTX, PDF10,609 views

Uid

The document discusses India's Unique Identification (UID) project and the Unique Identification Authority of India (UIDAI). It describes the purpose of UIDAI as providing a unique identification number to all Indian residents. It outlines the enrollment and authentication processes and discusses the various agencies, technologies, and challenges involved in implementing the UID system on a large scale. Key risks discussed include issues relating to adoption, privacy/security of biometric data, and ensuring the system's long-term sustainability.

EducationTechnology
In this document
Powered by AI

Introduction to UID, AADHAAR project details, functions of UIDAI, and contents outlined.

UIDAI's role, objectives, and unique identification number process in India.

Process of AADHAAR number issuance, enrolment, and authentication methods.

Describes the technical structure and involved agencies in the UID system.

Details on UID numbering format, generation, lifetime, and checksum methods.

Use of Entity IDs for organizations and how they facilitate financial transactions.

Maintaining accurate data in the UID database and mechanisms for updates.

Process for residents to request updates of demographic and biometric information.

E-R diagrams, tables, and relational schema used in the CIDR database.

Identified risks, challenges in data security, and various stages of UID implementation.

Benefits and concerns regarding UID implementation, privacy issues, and best practices.

Thanking the audience and concluding the presentation.

Embed presentation

Downloaded 683 times
UID
CONTENTS  Unique Identification Number & Its Purpose  AADHAAR Project  Authentication  UID System  UID Agencies  Challenges Involved in Implementation  UID Numbering Scheme  Entity IDs  Domain analysis  Business rules  E-R Diagram & Relational Schema  Risks & Database Threats and Attacks involved in UID Project Implementation
UNIQUE IDENTIFICATION NUMBER  The Unique Identification Authority of India (UIDAI) is an agency of the Government of India responsible for implementing the AADHAAR scheme, a unique identification project.  It was established in February 2009, and will own and operate the Unique Identification Number database.  The authority aims to provide a unique id number to all Indians.  The authority will maintain a database of residents containing biometric and other data.
PURPOSE OF UIDAI  The objective of the project is to determine uniqueness of all individuals within the territory of India.  It will only issue a number which will be delivered to the concerned person's address.  The UIDAI proposes to provide online authentication using demographic and biometric data.
AADHHAR NUMBER  The Unique Identification (AADHAAR) Number, which identifies a resident, will give individuals the means to clearly establish their identity to public and private agencies across the country.  AADHAAR Number is provided during the initiation process called enrolment where a resident‟s demographic and biometric information are collected .  Uniqueness of the provided data is established through a process called de-duplication.
AADHAAR AUTHENTICATION  AADHAAR “authentication” means the process wherein AADHAAR Number, along with other attributes, including biometrics, are submitted to the Central Identities Data Repository (CIDR) for its verification on the basis of information or data or documents available with it.  UIDAI will provide an online service to support this process.  AADHAAR authentication service only responds with a “yes/no” and no personal identity information is returned as part of the response.
 AADHAAR authentication will provide several ways in which a resident can authenticate themselves using the system.  At a high level, authentication can be „Demographic Authentication‟ and/or „Biometric Authentication‟.  But, in all forms of authentication the AADHAAR Number needs to be submitted so that this operation is reduced to a 1:1 match.  During the authentication transaction, the resident‟s record is first selected using the AADHAAR Number and then the demographic/biometric inputs are matched against the stored data which was provided by the resident during enrolment process or during subsequent updates.
UID SYSTEM
UID ARCHITECTURE
UID AGENCIES
NUMBERING FORMAT
NUMBERING SCHEME The Version Number: o Some digits may be reserved for specific applications. This is an implicit form of a version number embedded into the numbering scheme. o We recommend the following reservations: 0- numbers (a1 = 0) could be used as an “escape” for future extensions to the length of the number. Number Generation: o The numbers are generated in a random, non-repeating se- quence. o The algorithm chosen to generate IDs should not be made public and should be considered a national secret.
 Lifetime: Individual UID is assigned once, at inception, and remain the same for the lifetime of the person, and for a specified number of years beyond. At this point there is no consideration of reusing numbers.  Entity ID’s: We expect that entity ID numbers (1- numbers) will have different rules for periods of validity and retirement.  The Checksum: There are several schemes possible .The recommend ed scheme is the Verhoeff scheme.
ENTITY ID  Institutions like Government departments, schools and even companies can benefit by using a UID like Identifier – this is called an Entity ID.  Since the UID will potentially be used as a primary identifier in several transactions in the financial, health, food distribution, job creation schemes and transactions it is important to assign an entity ID to the service delivery organization.  For instance a financial trans-action to transfer money might take the form: TransferMoney(From_UID, To_UID, Amount);  Where the From_UID could be an entity UID of the block level NREGA entity and the To_UID can be that of the resident to who the amount is being transferred.  This symme-tric treatment of both to and from fields simplifies the end-to- end system.
DOMAIN ANALYSIS • The demographic and biometric fields linked to the Aadhaar number and stored in the CIDR would consequently, need to be regularly updated to ensure that the information it stores is both accurate and relevant for authenticating agencies. • The data fields held in the CIDR include mandatory demographic and biometric fields which are central to identity management, as well as additional, optional fields available for ease in communicating with the Resident, and for enabling better service delivery.
The UIDAI intends to set up modes through which residents can request for data updates. Registrar enrolment centres: • Most Registrars for the Aadhaar number intend to retain long-term enrolment centres . • These centres would have the enrolment client and devices required for carrying out enrolments, which can also be used for updation purposes. • These centres would also carry out processes such as document verification and handling, as well as verifying Introducer details, which are required for the complete updation solution.
National level common updation agency: • The UIDAI can work with the Registrars such as the National Securities Depository Limited (NSDL) where Residents can update their records not just through theUIDAI, but also other service agencies. • The networks of these agencies would be used for recording information update requests.
BUSINESS RULES  At the start of the process, the Resident arrives at the centre with his/her Aadhaar letter or his/her Aadhaar number.  He/she fills up an updation request form detailing the specific demographic/biometric information that needs to be updated.  If the information being updated requires supporting documentation, the resident may first have to get documents verified from the Verifying Official.  The Resident then provides the Operator at the centre with the verified documents, or with the Introducer who verifies that the updated information is accurate.
 The Operator performing the updation checks the Resident‟s Aadhaar letter.  When the Resident provides the updated information, the operator verifies the information matches any documentary evidence/introducer provided.  The Operator enters the Resident‟s information into the software client updating the demographic or biometric information as required.  Both Operator and Resident verify the accuracy of the data that is entered.  The Operator then captures the Resident‟s biometrics to confirm his/her authenticity as well as the Resident's sign-off on the update.
 The updated information is transferred to the CIDR .  Once it reaches the database, the information is updated in the CIDR, and the information on the update is then communicated to the Resident.
ER DIAGRAM
TABLES  CIDR(Uid,Cname,Fname,DoB,Address,Eye color,D mark)  ENROLLMENT_AGENCY(E_id,E_name,)  REGISTRAR(R_code,R_name,P_name,R_addr,R_ phno)  OPERATOR(O_id,O_name,Quali,O_addr,O_phno,certif_no,O_gende r)  UIDAI_ADMIN(A_code,A_name,A_gender,A_addr,A_phno,A_email)  CITIZEN(C_id,C_name,C_addr,C_phno,C_dob,C_gender)  BANK(Uid,Branch,Acc_no,Acc_bal,CreditCard)
RELATIONAL SCHEMA  CIDR Uid Cname Fname DoB DoE Eye Dmark color  REGISTRAR Reg Rname Pname R_addr R_phno Code  ENROLLMENT_AGENCY E_id E_name O_name Quali O_Addr Cert_no
 UIDAI_ADMIN A_code A_name A_gender A_addr A_phno A_email  BANK Uid Branch Acc_no Acc_bal CreditCard  CITIZEN C_id Cname C_addr C_phno C_dob C_gender
CHALLENGES IN INDIA IDENTITY CARD
RISKS INVOLVED  Adoption risk  A critical mass is required for the participation of service providers  Political risk  Support from state and local governments is critical  Enrollment risk  Enough touch points in rural areas and enrolling 60,000 newborns every day  Risk of scale  Administration and storage of ~1B records  Technology risk  Authentication, de-duplication and data obsolescence  Privacy and security risk  Biometric data security  Sustainability risk  Maintaining the initial momentum over a longer term
RISKS IN VARIOUS STAGES  Collection Data leakage Scenarios across various Registrars and Enrollment agencies: • Intentional or unintentional compromises • Logical or physical security compromise • Third party attacks Integrity and accountability of Registrars and enrollment agencies Reliance on multiple vendors increases vulnerabilities
RISKS IN VARIOUS STAGES ( CONT..)  Transmission Need for secured communication channels: VPN, SSL- VPN, MPLS clouds Encryption of the data: strong encryption required for securing biometrics Key Management: departmental interactions, coordination Non-Repudiation: attack vectors like a man-in-the- middle attack
RISKS IN VARIOUS STAGES ( CONT..)  Storage Management of roughly 10,000 TB of sensitive information spread across the country, in addition to storage in CIDR Accountability of users : data base administrators, network administrators, application owners, third party employees Accountability and assurance of people working with registrars and sub-registrars
DATABASE THREATS & ATTACKS Spoofing Tampering Trojan horse attacks Masquerade attack Overriding Yes /No response
CONCLUSION  Unique Identification System will be beneficiary to the citizens as it is a unique number which contains basic information of every person.  After the ID will be issued there is no need to carry driving license, voter cards, pan card, etc for any govt. or private work.  But to some extent it is harmful to the general public as all the data related to them is stored on computers and can be misused by hackers if the multiple security strategies will not be adopted.
 The UID authority in specific should make sure that they have the highest standards of integrity, openness, transparency and process in all stages of UID System.  The UID project should not become compulsory until there is an established judicial overview to ensure that the privacy rights of citizens are not unlawfully violated.
Thank you

More Related Content

PPTX
Smart Parking system .pptx
bySantoshKajrekar
 
PDF
RFID BASED ACCESS CONTROL SYSTEM
bySuvendu Kumar Dash
 
PPTX
Fyp presentation smart-shoppingcart
byKayDrive
 
PPTX
Unique identification authority of india uid
byAjit Dadresa
 
DOC
Learning Management System-SRS Modified(Semi-Final)
bySharon Varghese
 
DOCX
Software for atm manufacturer
byhandryjames
 
PPTX
Vehicles Parking Management System project presentation 2020
byVikram Singh
 
PPTX
Aadhaar ppt
byProf. K.Nageshwar
 
Smart Parking system .pptx
bySantoshKajrekar
 
RFID BASED ACCESS CONTROL SYSTEM
bySuvendu Kumar Dash
 
Fyp presentation smart-shoppingcart
byKayDrive
 
Unique identification authority of india uid
byAjit Dadresa
 
Learning Management System-SRS Modified(Semi-Final)
bySharon Varghese
 
Software for atm manufacturer
byhandryjames
 
Vehicles Parking Management System project presentation 2020
byVikram Singh
 
Aadhaar ppt
byProf. K.Nageshwar
 

What's hot

PPT
Payment Gateway
byAshraf Bashir
 
PPT
ER diagram for Shopping Mall Management System
byvipul kumar
 
PPTX
E wallet
byAyushi Shah
 
PPTX
Graphical password authentication
byAsim Kumar Pathak
 
DOCX
SRS for Google Pay(Gpay)
bySiddharthKumar220
 
PPT
RFID based access control ppt
byPradheep Shrinivasan
 
PPTX
Smart Intelligent trolley
byyokesh waran
 
PPTX
ppt on aadhar card project
byPooja Verma
 
PPTX
Zigbee based trolley cart access system using rfid
bySam Joey
 
PPTX
Vehicle Over Speed Detection on Highways
byEdgefxkits & Solutions
 
PPTX
Shiv smart door ppt
byMahesh Patil
 
PPTX
Internet Banking PPT
byayush goyal
 
PPTX
Credit card fraud detection
bykalpesh1908
 
PDF
Atm project
byKhaled Salmeen BAzqameh
 
PPTX
Smart Shopping System
byMahantesh Hiremath
 
PPTX
Digital Notice Board
byRaaki Gadde
 
DOC
RFID based car PARKING SYSTEM
byKunal Kabra
 
DOCX
Restaurant Management System Database Project (Oracle)
byMd. Shafaat Jamil Rokon
 
PPTX
Unified payments interface (upi)
byNaina Singh
 
PDF
Terms And condition in sales invoice in tally
bySunny Enterprises
 
Payment Gateway
byAshraf Bashir
 
ER diagram for Shopping Mall Management System
byvipul kumar
 
E wallet
byAyushi Shah
 
Graphical password authentication
byAsim Kumar Pathak
 
SRS for Google Pay(Gpay)
bySiddharthKumar220
 
RFID based access control ppt
byPradheep Shrinivasan
 
Smart Intelligent trolley
byyokesh waran
 
ppt on aadhar card project
byPooja Verma
 
Zigbee based trolley cart access system using rfid
bySam Joey
 
Vehicle Over Speed Detection on Highways
byEdgefxkits & Solutions
 
Shiv smart door ppt
byMahesh Patil
 
Internet Banking PPT
byayush goyal
 
Credit card fraud detection
bykalpesh1908
 
Atm project
byKhaled Salmeen BAzqameh
 
Smart Shopping System
byMahantesh Hiremath
 
Digital Notice Board
byRaaki Gadde
 
RFID based car PARKING SYSTEM
byKunal Kabra
 
Restaurant Management System Database Project (Oracle)
byMd. Shafaat Jamil Rokon
 
Unified payments interface (upi)
byNaina Singh
 
Terms And condition in sales invoice in tally
bySunny Enterprises
 

Viewers also liked

PDF
Aesop change data propagation
byRegunath B
 
PPT
practical risks in aadhaar project and measures to overcome them
bysaipriyadonthula
 
PPTX
Aadhaar at 5th_elephant_v3
byRegunath B
 
PPTX
Srikanth Nadhamuni
byeletseditorial
 
PPTX
Aadhaar
byhanmireddy pala
 
PDF
E commerce data migration in moving systems across data centres
byRegunath B
 
PDF
What database
byRegunath B
 
PPTX
Facebook style notifications using hbase and event streams
byRegunath B
 
ODP
Hadoop at aadhaar
byRegunath B
 
PDF
Building tiered data stores using aesop to bridge sql and no sql systems
byRegunath B
 
PDF
Building the Flipkart phantom
byRegunath B
 
ODP
Oss as a competitive advantage
byRegunath B
 
PPTX
Authentication(pswrd,token,certificate,biometric)
byAli Raw
 
Aesop change data propagation
byRegunath B
 
practical risks in aadhaar project and measures to overcome them
bysaipriyadonthula
 
Aadhaar at 5th_elephant_v3
byRegunath B
 
Srikanth Nadhamuni
byeletseditorial
 
Aadhaar
byhanmireddy pala
 
E commerce data migration in moving systems across data centres
byRegunath B
 
What database
byRegunath B
 
Facebook style notifications using hbase and event streams
byRegunath B
 
Hadoop at aadhaar
byRegunath B
 
Building tiered data stores using aesop to bridge sql and no sql systems
byRegunath B
 
Building the Flipkart phantom
byRegunath B
 
Oss as a competitive advantage
byRegunath B
 
Authentication(pswrd,token,certificate,biometric)
byAli Raw
 

Similar to Uid

PPTX
Aadhar card
byMegha Gaur
 
PPT
R S Sharma
byeletseditorial
 
PPTX
UIDAI:use of technology in increasing efficiency,delivery and transparency ppt
byMOHD AQUIB
 
PPT
AADHAR Card- Database Creation
byBasil John
 
DOCX
Unique identification number uid project ...
byBharat Sharma
 
PPTX
Aadhaar (Identity) Innovation ideas
byShrikant Karwa
 
PDF
Aadhaar Project A Critical Analysis
bySandra Valenzuela
 
PDF
Aadhaar: Providing proof of identity to millions
byHp kushal
 
PPTX
Unique ID Authority of India, Design and Cloud Connection
bySuhas Kelkar
 
PPTX
Access aadhaar
byKumud Singh
 
PPTX
Aadhaar
bySrikanth Thumma
 
DOCX
Empowering people
bysmartidentity
 
PDF
Future of Aadhaar is "a secure and robust system ensuring complete security a...
byNational Management Olympiad
 
DOCX
Aadhaar Card Registration System.
byPriyanka Singh
 
PPTX
Uid apoorva gaurav
byapoorvagauravcs
 
PPTX
UIDAI before reallity
bySantosh Pawar
 
PPT
Unique Identification Number: Implications and Challenges
byNikesh Narayanan
 
PDF
English_510QB_24012019.pdfChanges in Aadhar Policy v4.1 wef 01.12.2022 PPT.pptx
bydoondigitaltechnolog
 
PPT
Aadhaar - How to get an Aadhaar card - UID India
bySatya Mahesh Kallakuru
 
PDF
Giving 1.2 billion citizens a unique identity
byMindtree Ltd.
 
Aadhar card
byMegha Gaur
 
R S Sharma
byeletseditorial
 
UIDAI:use of technology in increasing efficiency,delivery and transparency ppt
byMOHD AQUIB
 
AADHAR Card- Database Creation
byBasil John
 
Unique identification number uid project ...
byBharat Sharma
 
Aadhaar (Identity) Innovation ideas
byShrikant Karwa
 
Aadhaar Project A Critical Analysis
bySandra Valenzuela
 
Aadhaar: Providing proof of identity to millions
byHp kushal
 
Unique ID Authority of India, Design and Cloud Connection
bySuhas Kelkar
 
Access aadhaar
byKumud Singh
 
Aadhaar
bySrikanth Thumma
 
Empowering people
bysmartidentity
 
Future of Aadhaar is "a secure and robust system ensuring complete security a...
byNational Management Olympiad
 
Aadhaar Card Registration System.
byPriyanka Singh
 
Uid apoorva gaurav
byapoorvagauravcs
 
UIDAI before reallity
bySantosh Pawar
 
Unique Identification Number: Implications and Challenges
byNikesh Narayanan
 
English_510QB_24012019.pdfChanges in Aadhar Policy v4.1 wef 01.12.2022 PPT.pptx
bydoondigitaltechnolog
 
Aadhaar - How to get an Aadhaar card - UID India
bySatya Mahesh Kallakuru
 
Giving 1.2 billion citizens a unique identity
byMindtree Ltd.
 

More from Tech_MX

PPTX
Virtual base class
byTech_MX
 
PPTX
Theory of estimation
byTech_MX
 
PPTX
Templates in C++
byTech_MX
 
PPT
String & its application
byTech_MX
 
PPTX
Statistical quality__control_2
byTech_MX
 
PPTX
Stack data structure
byTech_MX
 
PPT
Stack Data Structure & It's Application
byTech_MX
 
PPTX
Spss
byTech_MX
 
PPTX
Spanning trees & applications
byTech_MX
 
PPTX
Set data structure 2
byTech_MX
 
PPTX
Set data structure
byTech_MX
 
PPTX
Real time Operating System
byTech_MX
 
PPTX
Parsing
byTech_MX
 
PPTX
Mouse interrupts (Assembly Language & C)
byTech_MX
 
PPT
Motherboard of a pc
byTech_MX
 
PPTX
More on Lex
byTech_MX
 
PPTX
MultiMedia dbms
byTech_MX
 
PPTX
Merging files (Data Structure)
byTech_MX
 
PPTX
Memory dbms
byTech_MX
 
PPTX
Linkers
byTech_MX
 
Virtual base class
byTech_MX
 
Theory of estimation
byTech_MX
 
Templates in C++
byTech_MX
 
String & its application
byTech_MX
 
Statistical quality__control_2
byTech_MX
 
Stack data structure
byTech_MX
 
Stack Data Structure & It's Application
byTech_MX
 
Spss
byTech_MX
 
Spanning trees & applications
byTech_MX
 
Set data structure 2
byTech_MX
 
Set data structure
byTech_MX
 
Real time Operating System
byTech_MX
 
Parsing
byTech_MX
 
Mouse interrupts (Assembly Language & C)
byTech_MX
 
Motherboard of a pc
byTech_MX
 
More on Lex
byTech_MX
 
MultiMedia dbms
byTech_MX
 
Merging files (Data Structure)
byTech_MX
 
Memory dbms
byTech_MX
 
Linkers
byTech_MX
 

Recently uploaded

PPTX
Quarter 3 lesson 2 of English Grade 8.pptx
byMamGamino
 
PDF
UGC NET Paper 1 Syllabus | 10 Units Complete Guide for NTA JRF
byNIKHIL K N
 
PDF
The invasion of Alexander of Macedonia in India
byPrachiSontakke5
 
PDF
Multimodal and Multimedia AI - by Ms. Oceana Wong
byagenticroom
 
PDF
CXC-AD Associate Degree Handbook (Revised)
byCaribbean Examinations Council
 
PPTX
Physical education notes class ncert 12th
byjatinrg2009
 
PPTX
DEPED MEMORANDUM 089, 2025 PMES guidelines pptx
byRoseBubuli
 
PDF
Past Memories and a New World: Photographs of Stoke Newington from the 70s, 8...
byHistory of Stoke Newington
 
PPTX
Chapter 3. Pharmaceutical Aids (pharmaceutics)
bySharibJamal
 
PPTX
Plant Breeding: Its History and Contribution
bySatyam Sharma
 
PPTX
What are New Features in Purchase _Odoo 18
byCeline George
 
PPTX
The hidden treasures Grade 5 Story with Motive Questions.pptx
byGildaPetillaDelaCruz
 
PDF
Integrated Circuits: Lithography Techniques - Fundamentals and Advanced Metho...
byGS Virdi
 
PDF
*Unit-II A (Elements of Communication & Communication Style Matrix)
bySayyadTarannum
 
PPTX
Time Series Analysis - Least Square Method Fitting a Linear Trend Equation
bySundar B N
 
PPTX
Time Series Analysis - Weighted (Unequal) Moving Average Method
bySundar B N
 
PDF
ASRB NET 2025 Paper GENETICS AND PLANT BREEDING ARS, SMS & STODiscussion | Co...
bySatyam Sharma
 
PDF
45 ĐỀ LUYỆN THI IOE LỚP 8 THEO CHƯƠNG TRÌNH MỚI - NĂM HỌC 2024-2025 (CÓ LINK ...
byNguyen Thanh Tu Collection
 
PPTX
ATTENTION - PART 1.pptx cognitive processes -For B.Sc I Sem By Mrs.Shilpa Hot...
bySHILPA HOTAKAR
 
PPTX
Time Series Analysis - Method of Simple Moving Average 3 Year and 4 Year Movi...
bySundar B N
 
Quarter 3 lesson 2 of English Grade 8.pptx
byMamGamino
 
UGC NET Paper 1 Syllabus | 10 Units Complete Guide for NTA JRF
byNIKHIL K N
 
The invasion of Alexander of Macedonia in India
byPrachiSontakke5
 
Multimodal and Multimedia AI - by Ms. Oceana Wong
byagenticroom
 
CXC-AD Associate Degree Handbook (Revised)
byCaribbean Examinations Council
 
Physical education notes class ncert 12th
byjatinrg2009
 
DEPED MEMORANDUM 089, 2025 PMES guidelines pptx
byRoseBubuli
 
Past Memories and a New World: Photographs of Stoke Newington from the 70s, 8...
byHistory of Stoke Newington
 
Chapter 3. Pharmaceutical Aids (pharmaceutics)
bySharibJamal
 
Plant Breeding: Its History and Contribution
bySatyam Sharma
 
What are New Features in Purchase _Odoo 18
byCeline George
 
The hidden treasures Grade 5 Story with Motive Questions.pptx
byGildaPetillaDelaCruz
 
Integrated Circuits: Lithography Techniques - Fundamentals and Advanced Metho...
byGS Virdi
 
*Unit-II A (Elements of Communication & Communication Style Matrix)
bySayyadTarannum
 
Time Series Analysis - Least Square Method Fitting a Linear Trend Equation
bySundar B N
 
Time Series Analysis - Weighted (Unequal) Moving Average Method
bySundar B N
 
ASRB NET 2025 Paper GENETICS AND PLANT BREEDING ARS, SMS & STODiscussion | Co...
bySatyam Sharma
 
45 ĐỀ LUYỆN THI IOE LỚP 8 THEO CHƯƠNG TRÌNH MỚI - NĂM HỌC 2024-2025 (CÓ LINK ...
byNguyen Thanh Tu Collection
 
ATTENTION - PART 1.pptx cognitive processes -For B.Sc I Sem By Mrs.Shilpa Hot...
bySHILPA HOTAKAR
 
Time Series Analysis - Method of Simple Moving Average 3 Year and 4 Year Movi...
bySundar B N
 

Uid

  • 1.
  • 2.
    CONTENTS  Unique Identification Number & Its Purpose  AADHAAR Project  Authentication  UID System  UID Agencies  Challenges Involved in Implementation  UID Numbering Scheme  Entity IDs  Domain analysis  Business rules  E-R Diagram & Relational Schema  Risks & Database Threats and Attacks involved in UID Project Implementation
  • 3.
    UNIQUE IDENTIFICATION NUMBER  The Unique Identification Authority of India (UIDAI) is an agency of the Government of India responsible for implementing the AADHAAR scheme, a unique identification project.  It was established in February 2009, and will own and operate the Unique Identification Number database.  The authority aims to provide a unique id number to all Indians.  The authority will maintain a database of residents containing biometric and other data.
  • 4.
    PURPOSE OF UIDAI  The objective of the project is to determine uniqueness of all individuals within the territory of India.  It will only issue a number which will be delivered to the concerned person's address.  The UIDAI proposes to provide online authentication using demographic and biometric data.
  • 5.
    AADHHAR NUMBER  The Unique Identification (AADHAAR) Number, which identifies a resident, will give individuals the means to clearly establish their identity to public and private agencies across the country.  AADHAAR Number is provided during the initiation process called enrolment where a resident‟s demographic and biometric information are collected .  Uniqueness of the provided data is established through a process called de-duplication.
  • 6.
    AADHAAR AUTHENTICATION  AADHAAR “authentication” means the process wherein AADHAAR Number, along with other attributes, including biometrics, are submitted to the Central Identities Data Repository (CIDR) for its verification on the basis of information or data or documents available with it.  UIDAI will provide an online service to support this process.  AADHAAR authentication service only responds with a “yes/no” and no personal identity information is returned as part of the response.
  • 7.
    AADHAAR authentication will provide several ways in which a resident can authenticate themselves using the system.  At a high level, authentication can be „Demographic Authentication‟ and/or „Biometric Authentication‟.  But, in all forms of authentication the AADHAAR Number needs to be submitted so that this operation is reduced to a 1:1 match.  During the authentication transaction, the resident‟s record is first selected using the AADHAAR Number and then the demographic/biometric inputs are matched against the stored data which was provided by the resident during enrolment process or during subsequent updates.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
    NUMBERING SCHEME The VersionNumber: o Some digits may be reserved for specific applications. This is an implicit form of a version number embedded into the numbering scheme. o We recommend the following reservations: 0- numbers (a1 = 0) could be used as an “escape” for future extensions to the length of the number. Number Generation: o The numbers are generated in a random, non-repeating se- quence. o The algorithm chosen to generate IDs should not be made public and should be considered a national secret.
  • 13.
    Lifetime: Individual UID is assigned once, at inception, and remain the same for the lifetime of the person, and for a specified number of years beyond. At this point there is no consideration of reusing numbers.  Entity ID’s: We expect that entity ID numbers (1- numbers) will have different rules for periods of validity and retirement.  The Checksum: There are several schemes possible .The recommend ed scheme is the Verhoeff scheme.
  • 14.
    ENTITY ID  Institutions like Government departments, schools and even companies can benefit by using a UID like Identifier – this is called an Entity ID.  Since the UID will potentially be used as a primary identifier in several transactions in the financial, health, food distribution, job creation schemes and transactions it is important to assign an entity ID to the service delivery organization.  For instance a financial trans-action to transfer money might take the form: TransferMoney(From_UID, To_UID, Amount);  Where the From_UID could be an entity UID of the block level NREGA entity and the To_UID can be that of the resident to who the amount is being transferred.  This symme-tric treatment of both to and from fields simplifies the end-to- end system.
  • 15.
    DOMAIN ANALYSIS • The demographic and biometric fields linked to the Aadhaar number and stored in the CIDR would consequently, need to be regularly updated to ensure that the information it stores is both accurate and relevant for authenticating agencies. • The data fields held in the CIDR include mandatory demographic and biometric fields which are central to identity management, as well as additional, optional fields available for ease in communicating with the Resident, and for enabling better service delivery.
  • 16.
    The UIDAI intendsto set up modes through which residents can request for data updates. Registrar enrolment centres: • Most Registrars for the Aadhaar number intend to retain long-term enrolment centres . • These centres would have the enrolment client and devices required for carrying out enrolments, which can also be used for updation purposes. • These centres would also carry out processes such as document verification and handling, as well as verifying Introducer details, which are required for the complete updation solution.
  • 17.
    National level commonupdation agency: • The UIDAI can work with the Registrars such as the National Securities Depository Limited (NSDL) where Residents can update their records not just through theUIDAI, but also other service agencies. • The networks of these agencies would be used for recording information update requests.
  • 18.
    BUSINESS RULES  At the start of the process, the Resident arrives at the centre with his/her Aadhaar letter or his/her Aadhaar number.  He/she fills up an updation request form detailing the specific demographic/biometric information that needs to be updated.  If the information being updated requires supporting documentation, the resident may first have to get documents verified from the Verifying Official.  The Resident then provides the Operator at the centre with the verified documents, or with the Introducer who verifies that the updated information is accurate.
  • 19.
    The Operator performing the updation checks the Resident‟s Aadhaar letter.  When the Resident provides the updated information, the operator verifies the information matches any documentary evidence/introducer provided.  The Operator enters the Resident‟s information into the software client updating the demographic or biometric information as required.  Both Operator and Resident verify the accuracy of the data that is entered.  The Operator then captures the Resident‟s biometrics to confirm his/her authenticity as well as the Resident's sign-off on the update.
  • 20.
    The updated information is transferred to the CIDR .  Once it reaches the database, the information is updated in the CIDR, and the information on the update is then communicated to the Resident.
  • 21.
  • 22.
    TABLES  CIDR(Uid,Cname,Fname,DoB,Address,Eye color,D mark)  ENROLLMENT_AGENCY(E_id,E_name,)  REGISTRAR(R_code,R_name,P_name,R_addr,R_ phno)  OPERATOR(O_id,O_name,Quali,O_addr,O_phno,certif_no,O_gende r)  UIDAI_ADMIN(A_code,A_name,A_gender,A_addr,A_phno,A_email)  CITIZEN(C_id,C_name,C_addr,C_phno,C_dob,C_gender)  BANK(Uid,Branch,Acc_no,Acc_bal,CreditCard)
  • 23.
    RELATIONAL SCHEMA  CIDR Uid Cname Fname DoB DoE Eye Dmark color  REGISTRAR Reg Rname Pname R_addr R_phno Code  ENROLLMENT_AGENCY E_id E_name O_name Quali O_Addr Cert_no
  • 24.
    UIDAI_ADMIN A_code A_name A_gender A_addr A_phno A_email  BANK Uid Branch Acc_no Acc_bal CreditCard  CITIZEN C_id Cname C_addr C_phno C_dob C_gender
  • 25.
    CHALLENGES IN INDIAIDENTITY CARD
  • 26.
    RISKS INVOLVED  Adoption risk  A critical mass is required for the participation of service providers  Political risk  Support from state and local governments is critical  Enrollment risk  Enough touch points in rural areas and enrolling 60,000 newborns every day  Risk of scale  Administration and storage of ~1B records  Technology risk  Authentication, de-duplication and data obsolescence  Privacy and security risk  Biometric data security  Sustainability risk  Maintaining the initial momentum over a longer term
  • 27.
    RISKS IN VARIOUSSTAGES  Collection Data leakage Scenarios across various Registrars and Enrollment agencies: • Intentional or unintentional compromises • Logical or physical security compromise • Third party attacks Integrity and accountability of Registrars and enrollment agencies Reliance on multiple vendors increases vulnerabilities
  • 28.
    RISKS IN VARIOUSSTAGES ( CONT..)  Transmission Need for secured communication channels: VPN, SSL- VPN, MPLS clouds Encryption of the data: strong encryption required for securing biometrics Key Management: departmental interactions, coordination Non-Repudiation: attack vectors like a man-in-the- middle attack
  • 29.
    RISKS IN VARIOUSSTAGES ( CONT..)  Storage Management of roughly 10,000 TB of sensitive information spread across the country, in addition to storage in CIDR Accountability of users : data base administrators, network administrators, application owners, third party employees Accountability and assurance of people working with registrars and sub-registrars
  • 30.
    DATABASE THREATS &ATTACKS Spoofing Tampering Trojan horse attacks Masquerade attack Overriding Yes /No response
  • 31.
    CONCLUSION  Unique Identification System will be beneficiary to the citizens as it is a unique number which contains basic information of every person.  After the ID will be issued there is no need to carry driving license, voter cards, pan card, etc for any govt. or private work.  But to some extent it is harmful to the general public as all the data related to them is stored on computers and can be misused by hackers if the multiple security strategies will not be adopted.
  • 32.
    The UID authority in specific should make sure that they have the highest standards of integrity, openness, transparency and process in all stages of UID System.  The UID project should not become compulsory until there is an established judicial overview to ensure that the privacy rights of citizens are not unlawfully violated.
  • 33.