Established by the French Government’s Ministry of Finance and Economics, the ACCORD project was commissioned to design and implement financial system modernisation. The charter of the ACCORD initiative team, composed of representatives from multiple government ministries, is to architect solutions that enable the French government to manage the finances of the country with the same level of accountability as private sector enterprises. The technology-based infrastructure selected was a smart card solution to confirm and authenticate users across 40 departments.
HID Global’s Identity Assurance software
The systems operated in parallel but could not leverage the benefits of a unified system
AIFE – Agence pour l’Informatique Financière de l’Etat – chose HID Global’s Identity Assurance software coupled with smart cards for the solution.
Ensuring users are ‘who they say they are’ over the course of several decades, individual French government departments had developed separate and distinct applications to manage activities such as budgeting, processing purchase orders, and other accounting activities. The systems operated in parallel but could not leverage the benefits of a unified system.
Enterprise Resource Planning system
With the inception of the ACCORD project, the government committed to streamlining finance management by moving to one system for centralised control of the country’s budgeting and finance operations – with a goal that by 2004, all government central entities will be using the standard Enterprise Resource Planning (ERP) system. The transition to an online application that consolidates financial reporting and transactions requires an organisation to determine how it will identify users with certainty prior to granting them access to the system and to valuable data.
The solution must be easy to use to ensure departmental acceptance of the new application and authentication process. It must also minimise the IT staff time required for day-to-day administration and helpdesk activities for a large population over 7,000 dispersed users. These multiple challenges presented an opportunity to leverage proven digital identification solutions from HID Global.
Smart card-based PKI identification solution
HID Global’s Security Client software solution and smart card readers are key elements for securing the finance system at all user points of entrySmart card-based solution using digital certificates with PKI, The French government-wide implementation securely links multiple departments, such as the Ministries of Education, Justice, Transportation and Housing, and Foreign Affairs, to the unified ERP application, enabling the exchange and ultimate consolidation of digital information.
In 2000, the Ministry of Finance began deploying HID Global’s smart card-based PKI solution. HID Global’s Security Client software solution and smart card readers are key elements for securing the finance system at all user points of entry – any of which could become a source of fraudulent or malicious activity in the absence of strong authentication and confirmation of digital identity. Today, employees regularly use the card with a microchip that holds their unique credentials in the form of an Entrust digital certificate.
HID Global’s Gold Entrust-Ready certification ensures a smooth deployment to large numbers of users, and the combined solution with Entrust TruePass delivers the following benefits:
- Enhanced Security: HID Global’s multi-factor authentication reinforces the fundamental security and intent of a PKI by requiring something the user has (a smart card) and something the user knows (a PIN code) in order to use the private keys stored on the card. To further enhance security, the key pair is generated on the cryptographic smart card itself, so that the private key is never exposed to the insecure PC environment. The tight integration of HID Global’s client software with Entrust ensures certificate key updates are transparently and automatically made on the card.
- Non-Repudiation: To support non-repudiation, it is essential that ERP system users provide undeniable proof that they are who they say they are. Keys used for that authentication can never be stored on the potentially vulnerable user workstation. Those sensitive keys must remain under the sole control of the user, and HID Global’s client software ensures private keys are generated on the card and remain in the rightful owner’s possession at all times.
- User Simplicity: HID Gobal’s Security Client software provides a familiar ATM-like user interface that makes complex digital identity and PKI technologies transparent, so employees can focus on their work responsibilities and financial application activities to easily access the system. HID Global’s commitment to openness and industry standards ensures that the French Government’s initial investment in digital identity products and smart card client software infrastructure is capable of supporting multiple PKI vendors and other forms of identity credentials in the future.