NECTEC+CICC Seminar on Information Security Technologies: Towards e-Government November 19, 2003,...

NECTEC+CICC Seminar on Information Security Technologies: Towards e-GovernmentNovember 19, 2003, Bangkok, Thailand. Thaweesak Koanantakool

1

Seminar on

Information Security TechnologiesInformation Security Technologies

Towards e-GovernmentTowards e-Government

November 19, 2003, Bangkok, Thailand

Thaweesak KoanantakoolDirector,

National Electronics and Computer Technology Center

National Science and Technology Development Agency

Ministry of Science and [email protected]


2

Presentation Outline

• Thailand ICT status• ICT Policy and Master Plan• CyberLaws• eGovernment progress• Bridging the Digital Divide Programs• Security issues


3

Thailand


4

Thailand ICT IndicatorsPopulation 62.80 millionGDP Growth (2002) 5.2 %GDP (2002) 5,430 Billion BahtNumber of Commercial ISPs 18 ISPsNumber of non-commercial ISPs 5 ISPsInternet Exchanges 2 exchangesTotal International Bandwidth (Oct, 03)1.44 GbpsTotal Domestic Bandwidth (Oct, 03) 8 GbpsPC Users (June, 03) 11.3 millionDomains registered under “.th” 13,116 domains Internet Users (June, 03) 6.0 millionFixed line subscribers 12.9 /100 population Mobile phone users 30.6 /100 population


5

ICT Development Policy Framework for 2000-2010 (IT 2010)

Information EconomyInformation Economy Information SocietyInformation Society

QuantityQuantity QualityQuality

Telecommunication Infrastructure

Science and Technology, R&D, Knowledge

Information Development, IT Literacy, IT HR

e-Industrye-Industrye-Commercee-Commerce

e-Societye-Educatione-

Government

Sectors

Cross-cuttingissues


7

ICT Policy Development

^1992 ^1993 ^1994 ^1995 ^1996 ^1997 ^1998 ^1999 ^2000 ^2001 ^2002 ^2003 ^2004 ^2005 ^2006

National IT Committee (established 1992) . National IT Committee (established 1992) .

IT 2000 PolicyIT 2000 Policy IT 2010 PolicyIT 2010 Policy

National ICT Masterplan 2002-2006

National ICT Masterplan 2002-2006

Ministry of ICT Ministry of ICT

eIndustry e-Governmente-Society

eCommerce e-Education

eIndustry e-Governmente-Society

eCommerce e-EducationPolicies

English-Thai Web Translation

English-Thai Web Translation

SchoolNetThailandSchoolNetThailand

Introduction of Internet Introduction of Internet Software Park Thailand Software Park Thailand

Government Information Network

Government Information Network

E-Commerce Resource CenterE-Commerce Resource Center

Government CIO ProgramGovernment CIO Program

IT Law Development .

IT Law Development .

e-Thailande-Thailand

Electronic Transactions Act

Electronic Transactions Act

Government CA ServiceGovernment CA Service

Software Industry Promotion Agency

Software Industry Promotion Agency

NII, CompCrime, DP ActsNII, CompCrime, DP Acts

e-Government Project

e-Government Project

TIS-620 Thai Character set registered with IANATIS-620 Thai Character

set registered with IANA

Activities

TIS-620 Thai Character set in UNICODE

TIS-620 Thai Character set in UNICODE


8

IT Law Development

• Electronic Transaction Law (incorporating Digital Signature) since April 2002

• Information Infrastructure Law (a Universal Access Law to ensure accessibility and equitably to all citizens)

• Data Privacy Law• Computer Crime Law• Electronic Fund Transfer Law


9

Cybercrime Law

• Cybercrime is recognized as a significant problem requiring the cooperation among the government and law enforcement agencies.

• The new threats challenges existing law. Thailand therefore drafted the Computer Crime Bill, one of ICT law, as guided by the framework of Cybercrime Convention of Council of Europe since a common purpose of those Convention aims principally at harmonozing the national laws.

• With respect to the scope of the Bill, it contains three chapters.


10

Cybercrime Law

• Chapter one covers the criminalisation provisions, namely, illegal access; illegal interception; data interference; system interference; and misuse of devices.

• Chapter two is to criminalise the computer-related offences, computer related forgery, computer-related fraud and offences-related to child pornography.


11

Cybercrime Law

• Chapter three is intended to set up the criminal procedural law powers in order to enable a fast and effective investigation and prosecution. In the course of a criminal investigation, preservation of stored data, disclosure of traffic data and search as well as seizure of computer data are needed.

• The Bill is currently approved in principle by the Cabinet and now under consideration of the Council of the State.


12

National ICT Master Plan(2002-2006)

Approved by the Cabinet onSeptember 25, 2002


13

Vision:

Thailand will be the regional center of ICT development and business, particularly in software.

ICT Master Plan(2002-2006)

Thailand is to have strong and competitive economy as well as knowledge-based society, given that entrepreneurs and majority of people can access the information.


14

Mission:Enhance continuous collaboration

between public and private sectors as a development network of information and infrastructure.

Reform ICT management including plans for research, education, and training in ICT.

ICT Master Plan(2002-2006)


15

Strategies in the ICT Master Plan

กั�บกัาร7. ICT for Public Sector

3. R&D Reform

2. Quality of Life and Society Enhancement

6. ICT for SMEs

1. Developmentof ICT Industry

5. Entrepreneurs Capability Development

4. Society Capability Leverage for future Competition


16

Strategy 7: (ICT Master Plan)ICT Utilization for Public administration and Services

1. Setting up new ministry responsible for the development of ICT nationally.

2. Structural reform within organization in related to ICT, such as setting up CIO office as well as improving laws and regulations.

3. Develop governmental database for information exchange4. Apply GIS for socio-economic development5. Encourage effective use of ICT network among government

agencies6. Devise mechanisms to build up ICT-related capability for public

sectors employees7. Develop monitoring and evaluation system for national ICT

development8. Develop National Digital Nervous System

Government to set up central organization to oversee ICT development and utilization within the public sector. Emphasis will be on the unity and integration of database system, planning, coordination, budget allocation and transparency in procurement, to meet the reauirement of each agency, as well as reduce investment duplication. This will enable public sector to accumulate, exchange and share information among themselves, based on secured and open standard platform.

Government to set up central organization to oversee ICT development and utilization within the public sector. Emphasis will be on the unity and integration of database system, planning, coordination, budget allocation and transparency in procurement, to meet the reauirement of each agency, as well as reduce investment duplication. This will enable public sector to accumulate, exchange and share information among themselves, based on secured and open standard platform.

Source: National ICT Master Plan(2002-2006)


17

Political will And support

Computer and

Network

Infrastructure Rules &

Regulations Legal

Infrastructure

Security & Policy

Information Infrastructu

re

E-Commerce Infrastructure

HRD CIO/CEO Program

Civil Servant Attitudes

- CIO Training- CIO Forum- CIO Conference

Information

in every organizati

on

- e-Commerce Resource Center- G to C- G to B- e-Procurement- e-Tax- e-Citizen- e-Marketplaces- Electronic Transactions

Act- Data Protection Law- NII Law, EFT Law

- Govt Data Infrastructure- Govt News Exchange- Govt Data Exchange- Government Interoperability Standard

PKI ThaiCERT Computer Crime

Law Gov CA Service

- Ministry of ICT- National IT Committee

NationalOperationCenter

- Government IT Services- Government Information

Network- SchoolNet

Thailand e-Government Development

Beneath the IcebergBeneath the Iceberg


18

IT2000Policy

DOT ForceUN ICT Task ForceeASEAN (e-Society)

ITU, APT, etc.

Challenges:Challenges:

Telecommunicationinfrastructure

Affordability

Local contents

Human Resource

Legal frameworks

Challenges:Challenges:

Telecommunicationinfrastructure

Affordability

Local contents

Human Resource

Legal frameworks

Benchmarkingsurveys

SchoolNetThailand

Communitytelecenters

Development ofIT Laws

Accessibility andlowering costs

Development oflocal contents

human capacity building

Bridging Bridging the Digital the Digital

Divide:Divide:Programs Programs

in in ThailandThailand

Bridging Bridging the Digital the Digital

Divide:Divide:Programs Programs

in in ThailandThailand

Active monitoring ofICT indicators

Equal access everywhereRoadshow, Linux SIS

20 pilot centers in 2002best practice models

National Information Infrastructure Bill

Wireless local-loop researchNationwide IP Network (TOT)

Digital Library ToolkitDigital Archive, Learning objects

Teachers training, Government CIO program

Public – PrivatePartnershipsWSIS

2003


19

Four main tracks of Thailand e-Government services

Track 1. Information ServicesTrack 1. Information Services

Track 2. Transaction ServicesTrack 2. Transaction Services

Track 3. Payment GatewayTrack 3. Payment Gateway

Track 4. E-ProcurementTrack 4. E-Procurement

Standard online information services to public, business sectors, and government sectors

Standard online information services to public, business sectors, and government sectors

Online services: car registration renewal, taxation, business registration,...

Online services: car registration renewal, taxation, business registration,...

Financial management gateway for government and business sectors

Financial management gateway for government and business sectors

Electronic Procurement for government sectorsElectronic Procurement for government sectors


20

Recent Development (2002-2003)

• Government PKI Service Launched• E-Auction Trials (all government agencies)• National Operation Center Project

– PMOC: Prime Minister’s Operation Center– MOC: Ministerial Operation Center– DOC: Departmental Operation Center– POC: Provincial Operation Center

• Government Information Technology Service (GITS)

• Annual Government IT Awards• Government Data Exchange (GDX)• eCitizen Portal (www.ecitizen.go.th)


21


22

Technology handling of Threat

Physical Security(กัารร�กัษาความม�นคงทางกัายภาพ)

Contingency Planning/Disaster Recovery(แผนสำ�ารองฉุ�กัเฉุ�น/กัารกั��ภ�ย)

Incident Management(กัารร�บม�อกั�บเหตุ�กัารณ์ )

Monitoring and Auditing(กัารเฝ้"าดู�และตุรวจสำอบ)

System and Network Management(กัารจ�ดูกัารระบบและเคร�อข่(าย)

Authentication and Authorization(กัารพ�สำ�จน ตุ�วตุนและกัารให�สำ�ทธิ์�+)

Encryption(กัารเข่�ารห�สำ)

General Staff Practices(กัารปฏิ�บ�ตุ�งานข่องเจ�าหน�าท.)

(แหล่�งข้�อมูล่: http://www.cert.org)

Security Architecture and Design(กัารออกัแบบและโครงสำร�างข่องกัารร�กัษาความม�นคง


23

Management handling of threat

Institutional Knowledge(ความร��ท.ใช้�แนะน�า)

Security Management(กัารจ�ดูกัารดู�านกัารร�กัษาความม�นคง)

Security Strategy(กัลย�ทธิ์ ในกัารร�กัษาความม�นคง)

Security Policies and Regulations(ระเบ.ยบและนโยบายดู�านกัารร�กัษาความม�นคง)

Security Practice Areas(กัารดู�าเน�นกัารดู�านกัารร�กัษาความม�นคง)

(แหล่�งข้�อมูล่: http://www.cert.org)

Collaborative Security Management(กัารจ�ดูกัารดู�านกัารร�กัษาความม�นคงร(วมกั�น)


24

Priority areas for WSIS Basic Telecommunications Basic Access to the Internet Human Capacity Building Affordable Access Devices (PCs, PDA) National ICT Policy and Plan Threat of Liberalization Appropriate Software (Legal, compact, low

cost) Local Language enabled on Computers Creation of Local Contents Portal Sites e-Government -- Government Facilitation Standards in manufacturing, safety, health IT-Laws (e-Transaction, e-Signature,

Computer Crime, Data Protection) Security -- Information/System/Network Authentication and Certification, PKI Broadband Access (Corporate, home) IT-Manpower development Regional Networking Collaboration Opportunities from Liberalization and

Regionalization e-Marketplaces e-Payment infrastructure Consumer Protection Cross Border Certification Intellectual Property rights Protection Privacy

Basic Telecommunications Basic Access to the Internet Human Capacity Building Affordable Access Devices (PCs, PDA) National ICT Policy and Plan Threat of Liberalization Appropriate Software (Legal, compact, low

cost) Local Language enabled on Computers Creation of Local Contents Portal Sites e-Government -- Government Facilitation Standards in manufacturing, safety, health IT-Laws (e-Transaction, e-Signature,

Computer Crime, Data Protection) Security -- Information/System/Network Authentication and Certification, PKI Broadband Access (Corporate, home) IT-Manpower development Regional Networking Collaboration Opportunities from Liberalization and

Regionalization e-Marketplaces e-Payment infrastructure Consumer Protection Cross Border Certification Intellectual Property rights Protection Privacy

Wireless Local LoopDomestic Internet ExchangeRegional Training CenterLow Cost PC ProgramRural EmpowermentOpen Source solutions

Machine TranslationDigital ArchiveE-Learning

UNCITRAL Model Laws

World PKI Forum

WIPO

Concerns of developing countries and LDC

Concerns of developedcountries

And industrial

leaders

Concerns of developing countries and LDC

Concerns of developedcountries

And industrial

leaders


25

Thank you

for your attention.

Sawasdee

NECTEC+CICC Seminar on Information Security Technologies: Towards e-Government November 19, 2003,...

Documents

Transcript of NECTEC+CICC Seminar on Information Security Technologies: Towards e-Government November 19, 2003,...