Transcript E Tendering System - Rhein India Technologies Pvt. Ltd.

Agenda
•
•
•
•
•
•
•
•
About Us
What is e-Tendering?
Benefits to your Organization
Benefits to Suppliers/Contractors
Manual Vs Electronic Tendering Comparative
Legal Compliance
Is e-Tendering Secure?
Ease of e-Tendering –Tender Cycle
About Us
• Information Security Management System (ISMS) is must for
e-Procurement as per MDB’s e-GP Guidelines.
• We are the only an ISO/IEC 27001:2005 Certified eProcurement company
• Government of India approved Software Testing and Quality
Certification (STQC) certified Application Software
• The only company whose management has 25 Years of
combined experience in handling e-Procurement of various
types
• 500 Cr. (More than 100 million U.S. $) Worth of eProcurement for various organizations
• The one stop shop for all your e-Procurement requirements
The Solution/Services
• ABCProcure the e-Procurement suite comprise of
– e-Tendering
– e-Auctions
– Reverse Auction
– e-Sourcing
•
Over and above this we also offer
– PKI consultancy & support
– e-Procurement Consultancy
– Customized e-Procurement solutions for
enterprise
Our USP
• The only e-Procurement suite developed using Free and
Open Source Software's (FOSS) like Java /Linux /MySQL
which means
– More secure
– Low deployment cost
• Only e-Proc. Application that supports JAVA based PKI Signer
• Supports all CA’s Digital Certificate of different classes
• The only e-Procurement solution that supports all browsers
• Dynamic & Flexible application with inbuilt workflow
• Available on Windows/Linux operating system
• Multiple Options Rental/Annual License/Ownership
• Young Team with average age of 30
Our Customers
•Ahmedabad Municipal Corporation
•Health Department, Gujarat
•Gujarat Gas Company Limited
•Gujarat Industrial Development Corporation
•Gujarat Urban Development Corporation
•Gujarat Maritime Board
•Dishman Pharmaceuticals & Chemicals Ltd.
•Ramky Infrastructure Projects Limited
…more
What is e-Tendering?
• E Tendering is a process of carrying out entire Tendering Cycle
Online including submission of Price Bid such that Efficiency,
Economy, Speed of Internet can be harnessed.
• E Tendering Cycle can be broken in Key Modules
1) Tender Notice Creation
7) Tender Storage & Opening
2) Tender Promotion
8) Tender Evaluation
3) Tender Document
9) Negotiation
4) Pre Bid Meeting
10) Tender Award
5) Bid Submission
11) Vendor Registration & Rating
6) Payment Gateway
12) Tender Audit & Storage
Benefits of Tendering Authority
•
•
•
•
•
•
•
•
•
•
•
Completely Automated Process
Shortens Procurement Cycle
Economical and Environment Friendly
Greater Transparency
Improvement in work culture in the departments
System aided Evaluation process
On the fly reports/comparatives statement
Minimize Human errors
Minimal Storage Spaces
Change in Perception – Progressive Organization
Lesser hassle of communication and administration
Benefits to Suppliers/Contractors
•
•
•
•
•
•
•
•
•
Anytime & Anywhere Bidding
Fair, Free and Fearless participation for vendors.
No dependence on Newspaper, Courier, Banks,…
Zero Administrative hassles
Can carry out all activities from any computer
Economical – saving on Traveling cost
Reduces efforts & cost of bidding
No tenders can be missed because of distance
Can submit bid on last minute
Manual Vs E Tendering System
Manual Tendering System
• Longer Procurement Cycle
• Expensive
• Paper Based Procurement
• Restricted Mobility
• No work on Holidays
• Prone to Human errors
• Content not sharable
• Physical Security
• Wastage of space to store bids
• Not retrievable
• Ideal till 2003
E - Tendering System
• Shorter Procurement Cycle
• Economical – Fixed Cost
• Environmentally Friendly
• Anytime – Anywhere Bidding
• Bidding possible on Holidays
• Automated & Accurate process
• Shareable Content
• Foolproof Security
• Lifelong storage on CD
• One click access to bids
• For year 2004 & Beyond
Government Guidelines
•
Project Administration Instructions, ADB- November 2005
Executing Agencies (EAs) may use electronic systems to conduct
procurement on ADB- financed contracts where the procedures involved
meet acceptable standards. A guide has been prepared in co-operation with
the World Bank and Inter- American Development Bank
•
For E Commerce Activities – IT ACT 2000
Any document which is digitally signed, by digital certificate issued by a
licensed Certifying Agency (CA) who is approved by Controller of Certifying
Agency (CCA) will be considered as a valid document in the court of law.
•
For E Procurement – CVC Guidelines
E Procurement is allowed as per the guidelines of CVC order no. 46/9/03
provided the E Procurement is done in a fair and transparent fashion & IT
Act 2000 is complied
Strategic Alliances
•
•
•
•
•
•
•
•
IBM for Software
OS – Microsoft /Linux
RDBMS – Oracle / MYSQL/SQL
Front End – Sun JAVA / Dot Net
Data Centre – VSNL
Broad Band – BSNL / VSNL
Payment Gateway – ABCPayment
Biometrics – Secugen
Computer Specification – User End
•
•
•
•
•
•
•
•
•
Any Desktop with 16 MB Ram/20 GB HDD or Higher
OS – LINUX /Windows
Browser – IE/Netscape/Mozilla/ Firefox /Any Browser
Java Run Time – Freeware
Valid Digital Certificate
Token/Crypto Key for DC – Optional
Biometrics – Optional
Digital Signer & Cipher– Freeware
Net connection – Dialup connection or better
Is e-Tendering Secure?
•
•
•
•
•
•
•
•
E Tendering Challenges
Detecting whether document is Tampered or not
Identifying a person in the faceless world of Internet
Non Repudiation
Document Secrecy
Bidding should not be allowed after due date and time
Bids cannot be opened before due date and time
Bids can only be opened by authorized officers
Digital Certificate
Public Key
Private Key
Digital Certificate
• Digital Certificate is your
Internet Passport
• Digital Certificate come
with 1 / 2 Years validity
• Can be procured easily,
in less than 8 Hours
• List of licensed Certifying
Agency (CA)
– TCS
– N Code (GNFC)
– Safescrypt
– MTNL
– NIC
Digital Signature
SELLERS
Public Key
Private Key
Keypair
Signed
Message
Message
Rs.
100/Only
Assemble
Hash
f899139df5e1059396431415e770c6dd
Digest
Encrypt
Signature
Digital Signature Verification
Buyer – Govt. Dept
Retrieve Public Key
Message
Signed
Message
Rs.
100/Only
f899139df5e1059396431415e770c6dd
Digest
Valid, If matches
Invalid, if doesn't
f899139df5e1059396431415e770c6dd
Signature
Decrypt
Digest
Digital Encryption/Data Enveloping
Sellers
Buyer – Govt. Dept.
Retrieve Public Key
Public
Private
Keypair
Encrypted
Message
Signed
Message
Rs.
100/Only
Encrypt
CXV;ZJ'#RTS%N
M:!jdt2 O:<Hti&
5I;e(T)$k>V;T
S%NM:!jdt2O
<Hti&5I;e(T)
#$k>ioSD76%$
Encrypted
Message
Transmit
CXV;ZJ'#RTS%N
M:!jdt2 O:<Hti&
5I;e(T)$k>V;T
S%NM:!jdt2O
<Hti&5I;e(T)
#$k>ioSD76%$
Signed
Messag
e
Rs.
100/Only
Decrypt
Digital Signature
• Non Repudiation – Signer cannot refuse that he didn’t
Digitally Sign a Document
• Any change in the document, tampers Signature
• Sign 1000’s Page document on a Click
• Sign any number of documents with 1 Digital Certificate
Digital Encryption
• Data Encrypted with Public Key, can only be decoded by
corresponding Private Key
• No one has decrypted data without Private Key
• RSA Open Challenge worth Millions of Dollars
• Highly Secure, used at various military installation across
the world to secure Data
• Used to protect Nuclear Missile Passwords, E
Commerce Activities worth billions on dollars on Internet
Biometrics
• Biometric verification of 2
authorized users can be used
in tender opening process.
• Finger print of any two
individual doesn’t match.
• Help to establish that user
remains physically present
when Tender opens.
Role Base Access
• Access to website is on the
basis of rights allocated to a
User or Group of Users
• This ensure that Tampering by
unauthorized person is not
possible
• Existing Organization
hierarchy can be mapped to
the system
Time Based Access
• No activity can be carried
out before due date &
Time for e.g.
Tender cannot be opened
even by authorized User
before due date
• Server Time cannot be
tampered as it is mapped
to National Standard
Time Server
Time Stamping
• Key processes are time stamped
– Tender cannot be proponed
– Tenders cannot be submitted
after
Due date and time
– Tender cannot be opened
before
Due date and time
• All processes can be time
stamped
Architecture
Secure Electronic Tendering Process
•
We follow the following process for secure Bid Submission &
Opening
1. Create Bid
2. Generate Hash
3. Generate Attached Signature (Bid + Digital Signature)
4. Data Enveloping/Encryption using Public Key of Digital Certificate
5. Bid Submission using SSL
6. Tender Opening Date & Time Verification
7. Tender Opening Rights Verification of the Officer
8. Biometric Verification of the Officer
9. Data De-enveloping/Decryption using Public Key of Digital
Certificate
10. Signature Verification
11. Hash Verification
12. Original Bid
Electronic Sealed Envelope
Step 1: Bid Creation Stage
– Price Bid
– Attached Digital Signature
– Asymmetric Encryption (Supplier Public Key)
Step 2: Bid Submission Stage
– Decrypt Bid (Supplier Pvt. Key)
– Signature Verification
– Asymmetric Encryption (Buyer Public Key)
– Tender opening (Buyer Private Key)
Standards notified in India
•
Public-key cryptography
– Asymmetric Cryptosystem - RSA
– Diffie-Hellman Public key Cryptography
•
Digital Signature Standards
–
–
–
–
•
MD5 -Hashing Algorithms
SHA-1 -Hashing Algorithms
DSA Signature Algorithm
RSA Signature Algorithm
Directory Services (LDAP ver 3)
– X.500 for publication of Public Key Certificates and Certificate
Revocation Lists
– X.509 version 3 Certificates as specified in ITU RFC 1422
– X.509 version 2 Certificate Revocation Lists
•
Public-key Cryptography Standards (PKCS)
– PKCS#1 - PKCS#15
Ease of e-Tendering –Tender Cycle
e-Tendering involves following phases as per convential
tendering systems.
• Phase 1: Pre Tendering Activities
• Phase 2: Tendering Cycle
• Phase 3: Post Tendering Activities
General Questions?
•
•
•
•
•
•
•
•
•
•
Validity of eTendering/eProcurement – IT ACT 2000
Legal Compliance – CVC, PWD Guidelines
Security Issues? ISO/IEC 27001:2005 Co.
Quality of Service – SLA
Training your employees?
Training your Suppliers/Bidders?
Backup and Business Continuity?
Digital Certificate
What value of Tenders can be procured online?
How to Get Started?
For further details contact us at our following
address:
Mr. Ajay Singh
9811113345
M/s P.J. Softwares Ltd.
E-mail: [email protected]
Web Site: http://procure.pjsoftwares.com
Thanks…