eGovernance

Under guidance of
Dr. P.V. Kamesam

IBM Research Lab

New Delhi

Ashish Gupta
3rd Year
B.Tech , Computer Science and Engg.
IIT Delhi
 Introduction
Definition of eGov
It can be defined as the civil and political conduct
of government, including service provision, using
information and communication technologies.

Transactions
Government Government

Citizens
e-Gov solution

Overview of Presentation
Part 1 : Content Manager
Part 2 : Audit Trails in Distributed Databases
 Intro to Content Manager
The Problem
 A Major challenge in eGov : Data Management
E.g. Land Records , Citizen Database etc.
 Content Manager : a Possible Solution

What is Content Manager ?

Content Manager (a product from IBM) is a
scalable solution for storing and retrieving
documents of various types.
 Content Manager
Brief Overview of the features of CM

1. Lets you store content regardless of format.

( Unstructured data )
E.g. text documents, scanned images, audio, video, forms any
binary object
2. Stores data on distributed servers and provides single
point access.
3. Provides many sophisticated features like
 Access control
 Storage management – Archiving , Purging ,
Migration
 User management
 Automated Workflow
 Enterprise wide search from Internet or intranet
clients.
 Streaming audio and video.
 The Beginners Guide to CM
 Provides an introduction to a layman about
Content Manager
 Covers essential topics of CM
 Relevant Figures to explain important concepts
 All discusses development of Client Application
for CM
 Useful Appendices with extra info like installation,
references etc.
 Developed an easy to use CM Programming API
Developed a new easy to use API on top of
Content Manager Programming API

Benefits
 Makes it very easy to perform operations
Application
on the CM Database
 Encapsulates the complexity of CM API
 Object Oriented Approach allows easy
integration into new apps
 Speeds up Application Development Time Audit Layer
Security Layer
 Extensibility : Acts like a new layer on top
of CM
SimpleCMAPI
 New layers like Custom Access Control ,
Audit Layer can be added Content Manager API
Folder Manager API
Library Client API
 A Prototype Application

Defining the problem

Proposed a prototype solution
Developed an Application in Visual C++ on top of Content Manager
Demonstrates use of our new API with additional layers
Workflow
Security Layer
Audit Layer
OR

Inner Line Permit RESIDENTSHIP

for VISITOR
Requirements for entering Arunachal Pradesh
Some Screenshots of the Application developed

Two databases: Security Layer

•Citizen Database
•Inner Line Permit Database

Main Screen

Workflow in CM
Audit Trails on Distributed Databases

 Definition of Audit Trail

An audit trail is a series of records of computer events,
about an operating system, an application, or user
activities.

 Purpose of Audit Trail

 Individual Accountability: track individual
actions to facilitate audit.
 Reconstructing Events: reconstruct events as
and when required.
 Problem Monitoring: online tools to help
monitor problems
 Intrusion Detection: identifying attempts to
penetrate a system and gain unauthorized
access.
 The eGov Middleware
Data Virtualization
Transaction
Commands
Application Isolates logical view
of data storage
M available to the
I application
D
D
Query processor developer from the
and optimizer
L physical placement
E
W
A
Data Virtualizer
R
E

Database Database Database Database

Audit Trail Component : A module responsible for
managing the audit trail of eGov applications across
the entire system.

Problem Description
Where can we place the Audit Trail Component in the
eGov Architecture ?

Possible options:
1. Application
2. In the Middleware , above DV Module
3. In the Component Databases
Issues Involved in the Placement
 Security Issues
 Risking security at the hands of applications
 Tamper proofing of Audit Trail
 Implementation Issues
 Application Complexity
 Database design Complexity
 Audit Trail Transparency to the application
developers
 Consistency of Audit Trail across the entire system
 Ease of Audit Policy Management
Proposed Solution
Transaction
Commands
Application

MI
D S Audit
Audit Trail Agent
D Policy
E Database
L
E C
W U
A R Query processor
R I and optimizer
E T Data Virtualizer
Y

Database Database Database Database

Further Research Issues
Audit Trail Agent Architecture

 Storage of Audit Trail is an issue

 Distributed or Centralized ?
Possible Solution:
A Buffered Distributed - Centralized Architecture
 Amalgamation of audit trail data at the central server
• Timestamping issues to ensure correct chronological sequencing
of audit trail for analysis – Time sync , which time to use
• Proper Categorization of Audit Trail data to facilitate analysis
 Ensuring Tamperproofing of Audit Trail for the Auditor
• Authentication of Distributed Sources
• Encryption
• Access Control
• Secure Transmission
 Audit trail management (Archiving and purging)
 Access Control to Audit Trail
 Conclusion
 Extensible API developed for Content
Manager along with an application
 Audit Trail Architecture in eGov

Working at IRL
 Team work
 Research Experience
 Responsibility

Thanks
 Things Learnt
 Enterprise Database Technology
 Visual C++ / Database Interaction
 API Wrapper Technology
 Distributed Database Systems
 Audit Trail Technology and Middleware Tech.
 Security Issues in large scale databases

IIT Education
• File Systems Course
• CS120 and CS130
Other Tasks
 Laid down a list of requirements for eGov data
management solutions
 A document on security issues of smart cards

Future Work
Integration of EIP with CM
Further extension of the new CM API with focus on security and
audit trail layers
Development of applications for more real life scenarios
 Architecture of CM
Client

Library
Server

Multiple Object Servers

Fig: Architecture of Content Manager for a single Implementation