70 likes | 219 Views
Security Features in E-Tendering Solutions. - Gunjandeep Singh Khera. C1India (security Features).
E N D
Security Features in E-Tendering Solutions -Gunjandeep Singh Khera
C1India (security Features) • Digital Signature: The solution includes capturing Digital Signature Authorized and certified by approved agency nominated by Controller of Certifying Authorities under Ministry of IT, Govt. of India. • Process Validation: The Solution has been so architected that a user (BalmerLawrie Officers / Bidders) cannot view the commercial bid of any Bidder till the date & time specified for the opening of the commercial bid is due. All the documents are encrypted. • Unauthorised Access : The entire solution is behind a firewall and Unauthorized access is not allowed. The login passwords of all users are encrypted at the database level. 128 bit SSL Certificate from Verisign is used for communication between the browser and the web server. This ensures that all communication between browser and web server is encrypted and cannot be hacked.
NEXTenders (security Features) • The patent pending secure bid process that uses 1024 bit public key / private key pairs for all users of the system. • Self issued or third party based digital certificates. Class 1 or 2 or 3 certificates as per the choice of the buyer • Tamper proof bid box with automated security alerts • Optional use of secure socket layer operation • Optional use of smartcards for authentication and certificate storage • Task based access group and user access built into user interface • Task based access group and user access built into workflow engine
NEXTenders (Security Contd…) • All bid data is encrypted in transmission and storage. • Bids cannot be opened before the scheduled date and time of opening - time-locked electronic tender box facility. • Bids can be only opened by authorised officers (more than one acting simultaneously if so desired) with biometric identification. • Any attempt at tampering with or opening the bid ahead of time or by unauthorised personnel will immediately raise alarms and the bid will automatically be cancelled. • No bid can be tampered with under ANY circumstances. Whether it is due to hacking, unauthorised physical access to servers or collusion between vendors and authorised personnel at the buyer’s and/or service provider’s end, any tampering of bids will be immediately evident to all concerned when the bids are opened.
ABCProcure (Security Features) • The bids are secured using bidders Digital Signature. • During the Bid prepration time, Bids are kept encrypted using Bidders Encryption Key to ensure that no tampering happens • At the time of submission, the bid is decrypted & re-encrypted using the Buyer’s Encryption key. • At the time of Tender opening, the bid is decrypted using the Buyer’s key. • Any tampering can be detected using the Bidders Digital Signature.