Since the “911” incident happened in the United States, all countries< in the world have stepped up to enhance security measures for passport and visa αmanagement. Security Management System is mainly to provide security£ guarantee for e-passport and its applications.
Security Management System is mainly to provide security guarantee for e-passport and ¶its application, and solve the following problems:
Security of the blank passport booklet including the chip, to guarantee the chip of blank pa'ssport booklet cannot be read without authorization. &nb>sp;
Security of e-passport manufacture, in the process of e-passport product&ion by local foreign affairs offices, a large amount of data is tra↑nsmitted and stored between the Ministry of Foreign Affairs a↔nd the local foreign affairs offices. It is necessary to &ensure that the data of the credential is not leaked or tampered.
In the course of using the e-passport, it is necessary to' prevent the chip from being cloned, and the data of t>he chip is tampered with and randomly accessed.
The overall architecture design of Security Management System is as f™ollows:
The production of e-passports involves blank passport manufacturers, Ministry of Foreign÷ Affairs, and local foreign affairs offices. The security management system needs to provide secur$ity protection from the production of blank passport booklet •to the production and issuance of e-passport, and provide security for e-passport application.
This solution follows ICAO's relevant standards for e-passports and related requirements of the National Cryptography Administration, and complies with domes→tic laws and regulations concerning passports, password management, and informati>on security, and provides security guarantees for the production and applicatio♥n of e-passports.
Adopt symmetric key technology to guarantee the security of b∏lank passport and data transmission.
Adopt digital signature to guarantee the informatiβon stored in the chip cannot be tampered.
Adopt asymmetric key technology to prevent the passport chip from being cloned.
Based on Public Key Infrastructure, the authorization protection scheme could control♣ the access to chip information.
This system is an electronic passport document signature system established in accordance wi÷th the ICAO standards for electronic passports. It interfaces with the ICAO- PK$D system and enables electronic passports issued in Chinλa to be certified and cleared in all countries of the worl$d, and to achieve global interconnection of electronic passports. It has been applied to the manufαacture of e-passports by the Chinese Ministry of Foreign Affairs, local foreign offδices and overseas embassies and consulates.
As the chief integrator for the first phase of electronic service passport project for the Ministry± of Foreign Affairs, with years of experience and state-of-th←e-art technologies, NJA became a successful tender&er again for the second phase of this e-passport project. The successful bid laid a solid foundation for NJA in foreign affairs informatization area, it is← also a demonstration of NJA’s professional and technical strength in this field.