Dr. Hoang Le Minh
Director of Vietnam Software Industry and Digital Content
- Important role of national ICT infrastructure
National ICT infrastructure is a very important component to operate IT applications for state management, social management, and service provision. public, economic, commercial, cultural, educational and medical development. ICT infrastructure, also called this digital environment, needs to be built, managed and operated in accordance with the appropriate model, meeting the basic needs of data storage, processing and exchange, ensuring national information security and security. To a certain extent, this infrastructure also needs to provide good support for copyright protection for digital content and IT services offered online.
Like transportation infrastructure based on the system of roads, bridges, and yards … the national ICT infrastructure is built and operated. on the basis of internal computer networks, urban networks, wide area networks and Internet, telecommunication network connected by copper, optical, wireless, mobile, stations, local stations, gateways international connection … together with data centers and operating management centers, where servers, network equipment, control and security equipment are operated, IP address management system, name domain and other national resources. Most of this “hardware” infrastructure is invested, built and operated by Vietnam’s telecommunications – Internet enterprises.
Manage to effectively exploit the national ICT infrastructure, creating a favorable environment on which all businesses have the capacity to provide information Information and services, from small and medium enterprises, private enterprises, foreign invested enterprises to large enterprises that dominate infrastructure can equally participate in construction, operation and supply. digital content and IT services, complying with the provisions of law and with reasonable costs are an important responsibility of the State.
- Open connection environment of the Internet and legal issues
Similar to the transport infrastructure used for transport vehicles that can travel freely, digital environment (Internet) built from the beginning On completely open architecture ideas, enabling IP-connected devices can easily connect and exchange data with each other without requiring any additional conditions. With the rapid growth of the Internet in just half a century, the number of IP addresses (version 4), with more than 4.4 billion addresses, has been exhausted, forcing the tech world to release the address version. Newer IPv6 with 340.282.366.920.938.463.463.374.607.431.768.211.456 different IP addresses! However, changing technology from IPv4 to IPv6 requires a lot of costs related to equipment, infrastructure, and software, and this is not an easy transition process for countries behind infrastructure like Vietnam. Male (United States, Europe are countries that own many IPv4 addresses, so there is no need for large-scale conversion).
To overcome the shortage of IP addresses, many networking technologies have emerged, especially the widespread use of virtual network connections and network connectivity. use exclusively with internal IP addresses, addressing and connection port techniques to an IP address that can be used for tens of thousands of different network connections. This has led to the current situation of Internet public connection not only being unable to control the legitimacy of IP addresses, but also easy for bad elements to take advantage of spreading or stealing information. digital content, undermining online IT services by large-scale denial of service attacks, can cripple an entire country’s ICT infrastructure.
It is possible to compare the current state of the Internet today, with the open model embracing all connections as a transport system on which the media does not need to register for circulation, the driver of the vehicle does not need a driver’s license, traffic violations are difficult to handle by the “anonymity” of the vehicle and the operator completely! This is the biggest difficulty, being an easy environment for violations of copyright and intellectual property rights in a digital environment with immediate risk of being even more difficult to detect and handle.
- Proposing a management model to provide information – IT services on the Internet based on the identity management system and cloud computing technology
To remedy confusion, anonymity, deny an admission of infringement of intellectual property rights, copyrights and protection of activities Online business, in many countries and from time to time, there are many solutions, management and licensing models for the provision and use of online information services applied, with other advantages and disadvantages. each other.
It is possible to look at a number of models that have been applied in Vietnam, based on international experience:
3.1. Management model based on administrative regulations (registration of IP addresses, telecommunications service subscriber addresses, Internet service users).
The administrative management method has been applied by many countries when registering and providing Internet services. In Vietnam, there was a period when the State required Internet service users at public access locations (Cafe Internet) to present their ID card, the subject using IP addresses must be responsible for the delivery. Spread or steal information from the IP address managed by you. The latest Decree of the Government (Decree 72) and the Circular (drafted by the Ministry of Information and Communication) related to the management of Internet activities are also directed towards this model.
The administrative regulations in the management of ICT services on the Internet will only take effect when all violations are specifically attributed to internet users, with full of infringing witnesses, violation time, violation locations … In order to gather full information of this technical evidence, the agency manages and executes The law will need a lot of time, effort and cost, also means that the handling of intellectual property rights violations on the Internet is not simple, sometimes even difficult and impossible. If the evidence used is fake, there is no technical means to authenticate.
3.2. Management model based on issuing and authenticating digital certificates (registering using digital signatures, smart cards, password tokens).
This is the most complete management model, but it is also the most expensive in terms of cost and technology, so it cannot be widely applied to all types of communication. information and services via the public Internet.
The general psychology of providers of information and services on the Internet is that it needs an open and easy environment to connect and use services for users. . If you need a user to register for the test, this process must be minimal, can accept anonymous, anonymous subscriptions for trial use and free use of the service for a while.
Registering too easily or too hard for digital certificates or identifiers managed by each provider will lead to disabling the management system list, causing inconvenience to users and many other obstacles.
3.3. Management model based on identity allocation and authentication required by state management
In this model, the original identifier can be an email address, a public social network account that the user owns. However, with centralized management, this model will quickly be updated with the basic functions of the digital certificate delivery and management model that users and organizations, agencies and businesses provide. Digital content does not have to invest more infrastructure, additional costs to manage and overlap authentication cause inconvenience to management agencies and users.
The nature of the identity and authentication management model mentioned above is through the application of cloud-based identity and connection management technologies based on complete identity. All new follow the principle of “pre-connection authentication”, as opposed to the “connect and authenticate before” model of most current Internet services.
In essence, the above-mentioned identity management system needs to become a “software” infrastructure that operates on national and local ICT infrastructure. that many national governments applying and developing IT at advanced level (China, Japan, Korea, Singapore, Taiwan, Malaysia, Australia, etc.) are all under construction.
In Europe, North America (United States & Canada), due to its global management system and IT service provider for hundreds of millions of people used by many IT corporations in these countries for many years (Google, Facebook, Apple, Microsoft, AT & T, Vodafone, Alcatel), these governments need not directly stand out. investment, construction and management only need to work closely with businesses in ensuring safety – network information security (and in combination with spy activities to target criminals in other countries).
Identity management and allocation system is not only used for network service users (account registration, password, authentication mechanisms guaranteed multi-step) but also used for licensing, managing connection of private networks, connecting users to cloud data and information stores. On this infrastructure, organizations, agencies and businesses can absolutely love providing digital content information and IT services, leasing resources and services to all customers, including there are state agencies, complying with legal regulations on ensuring the safety of information content, shared database and service quality.
The system of managing and allocating national identifiers, due to the large scale of use, should be assigned to a specialized agency with state management functions ( in Vietnam is the Ministry of Information and Communications) responsible for construction and operation management.
With the new policy of the Government changing the method of building ICT infrastructure, from investing and directly operating the “hardware” infrastructure items. Through the form of outsourcing to use the service provided by the enterprise, if there is no “software” infrastructure management model, it is the centralized identification system that connects users with information and IT services. , there is no comprehensive and homogeneous security solution that will generate a lot of legal consequences, not creating conditions to handle violations of intellectual property rights to digital information and IT services, Copyright in Internet environment.
Due to the complexity of the connected infrastructure and IT service providers at the data scale, it is necessary to manage, as well as other problems arising in the supply services beyond control, beyond the capacity to handle and operate even for large enterprises (VNPT, Viettel, FPT). It is not a good solution to share this work for many businesses. The state should soon have a solution to the problem of managing Internet identities to overcome the biggest barrier now that limits the development of services to provide information and digital content via the Internet public network.
- Objectives and contents for building a national ICT infrastructure management and exploitation system
4.1 Connection and security information management system (identity management)
This management system needs to manage the following information and data:
- Identify levels for all users of national IT infrastructure (Government), including all civil servants, state officials, leaders and members of organizations and businesses involved in the supply public service and all citizens use public services online.
The scale of the original system needs to manage about 40-50 million accounts (identifiers) and can be expanded to connect to a public code management system People (database of citizens) in the near future when national databases are built and operated.
- Identify levels for state organizations, agencies, businesses, economic organizations, political and social organizations (about 500,000 accounts, can expand and connect to the code management system tax amounts, agency codes, organizations and enterprises in the future).
- Identify the level of system resources involved in connecting national IT infrastructure (data warehouses, databases, shared network resources, host computers, workstations, mobile devices and devices) peripheral, sensor, …)
Based on identity management system and identity authentication, necessary encryption mechanisms (based on password, personal password, digital signature) , authentication key, …) needs to be built and deployed to ensure data security
The identity management system for IT service connectivity is described as above in state agencies, organizations and businesses in terms of operational functions. It is possible to compare (or replace) the system of sectarian and e-signature authentication (CA) which is being built by many agencies and units. However, with a large cost for CA infrastructure, the application capability is very limited in connection management and IT service security because it is based on an outdated technology foundation with a life span of 30-40 years, CA management systems and digital signatures will only be applicable to a very narrow range in Vietnam, as well as in the world.
4.2 Infrastructure of electronic archives (electronic documents, records – documents, forms – digital records …) used in muscles State agency.
This data warehouse infrastructure is used to store data and connect to business and management software, perform the above information exchange functions. Intranet, private network, wide area network and in some cases Internet public networks, fully comply with the current administrative regulations such as the Archives Law and the current law provisions.
4.3 Network of agencies, organizations and service enterprises providing digital content information on the national ICT infrastructure
This service provider network needs to rely on the management system and allocate national identifiers, data storage services and provide information to the agencies. Government, digitalization, data entry and case management services, other necessary public services for other information in developing national databases, specialized databases, management and licensing, health care , health, education, environmental monitoring and protection, climate change prevention provided by organizations and businesses.
4.4 Consultancy activities, awareness raising training, deployment training, appraisal and evaluation, performance evaluation of the management management system identifier in providing information services on the Internet.
This content is very important and should be taken care of by state management agencies, included in the regular operation program, funded by the budget for real present yearly.