SI Responsibilities Template (Cloud Deployment)

Owned by Krishnan Rajagopalan
Last updated: Jul 02, 2021
5 min read

Scope of work

Description

Deliverables

Pilot

Notes

MOSIP platform knowledge

Acquire sufficient knowledge of the architecture, design, code and deployment of the MOSIP platform.

 

Y

The platform training will be imparted by the MOSIP team.

Requirements and Scoping

Study the requirements and arrive upon scope of work (SOW) for implementation.

System Requirements Specifications (SRS)

Y

 

Technical Design and Architecture

Based on the requirements and Scope, arrive upon a technical design and architecture

Design Docs
Architecture Docs

Y

 

Secure Infrastructure and deployment architecture using AWS Managed Services

Creating a secure deployment architecture on AWS Cloud that includes Virtual machines, API Gateways, Network policies using the managed services from AWS.

Deployment Architecture Doc

Y

AWS Managed Services (AMS) helps you operate your AWS infrastructure more efficiently and securely. Leveraging AWS services and a growing library of automations, configurations, and run books, AMS can augment and optimize your operational capabilities in both new and existing AWS environments. https://aws.amazon.com/managed-services/

Pilot : Minimalistic architecture can be arrived upon. One can simply copy the MOSIP v3 deployment architecture in this respect.

Biometric Requirements

Arrive upon Biometric requirements specifications covering
-Registration devices needs (L0)
-Authentication devices needs (L1)
-ABIS (multi-modal or single model ABIS), Multi-tier architecture
-Biometric SDK needs

Biometric Spec doc

Y

For Pilot, the number of Biometric devices would be limited as per the needs of the pilot.

Cloud Infrastructure

Creation of the Infrastructure on AWS using AMS IaaS and PaaS tools based on Secure Infra and Deployment Architecture agreed upon,

Create best practices and tool sets using the APIs and utilities provided by Cloud providers on AWS for efficient running of the infrastructure.

Country ID system Infra on Cloud

Infra Management utilities
Infra Management best practices

Y

Pilot : MOSIP’s deployment scripts can be directly used with minimal changes.

Best practices and tool sets are not required for the pilot.

Registration Kits and Authentication devices

Help in identifying the device providers, finalization, procurement, testing and commissioning

Registration Kits and Authentication devices

Y

Pilot: Minimum registration kits. No need to go through a full blown procurement process.

ABIS and SDKs procurement

Help in identifying the most suitable Cloud-ABIS that is compatible with AWS Cloud, finalization and procurement.
Integrate the Country ID system with ABIS.

Help in identifying a suitable Biometric SDK for server and Windows client, finalization and procurement.
Integrate the SDKs with Country ID system.

ABIS and BioSDKs

Y

 

HSM

Identify the best-in-class HSM and integrate with the ID system.
Create policies and mechanisms to backup and rotate HSM keys

HSM

N

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate and use your own encryption keys on the AWS Cloud. With CloudHSM, you can manage your own encryption keys using FIPS 140-2 Level 3 validated HSMs.
https://aws.amazon.com/cloudhsm/

Pilot : MOSIP provides a software HSM as part of the platform.

Security

Procure Certificates for use with ID Systems

Identify the security vulnerability tools (open source or paid) for security vulnerability testing. The following would be needed
-A comprehensive cybersecurity policy
-Perform risk assessment
-Prevent threats
-Provide adequate cybersecurity training
I-mplement an Information Security Management System

Establish security processes for identifying and responding to security incidents that occurs time to time.

Certificates

Security Tools

Processes

Information Security Management System

N

Pilot : MOSIP provides self-signed certificates within the platform.

Country ID Data Center

Help in setting up a small-scale data center for various housekeeping activitives
- ID Card Printing
- Data backup and restore
- ID Updates
- Sample Demo kits
- Systems for evaluating tools time to time
- Incident management
- Helpdesk services

-Data center setup
-Data center admin tools
-Data Center management cookbooks
-Incident Management tools
-Helpdesk tools

Y

Pilot : The data center needs abilities for card printing + backup/restore.

SMS and e-mail provider

Identify and configure the SMS and e-mail provider with the ID System for resident notifications

 

Y

 

ID Schema and Master data

Work with Govt stakeholders in defining the Country ID schema and master data and the rules around it.

Country ID Schema files
Country Master data files

Y

 

Deployment and Configuration based on accepted Secure Deployment Architecture

-Creation of deployment scripts
-Deployment and configuration MOSIP server on the Cloud
-Testing and fine tuning the cloud parameters for optimimum performance.

Country ID System on AWS

N

 

Customization

-Identify the customization requirements, proposals and system design.
-Customization of various MOSIP modules to the needs of the ID System.
-Customization of the administration module
-Demos, feedbacks and changes

Customized modules

Y

Pilot : Scope of customization needs to be arrived upon for various modules. It could be minimal customization of the pre-reg, reg client and admin modules. Direct re-use of the modules with min. UI changes can be a way forward.

Mobile Apps

-Identify the needs for mobile apps
such as Citizen apps for registration, booking, downloading ID cards,
Updations, reporting issues and addressing concerns,
Administrations
-Design, implement or procure the mobile apps
-Make the mobile apps available on playstore and/or appstore for residents to download and use

Mobile Apps

N

 

Reporting and Auditing

-Discuss and identify various reporting and auditing needs

-Design and implement a reporting and auditing  infrastructure with the ability to generate new reports,  export reports in various reporting formats, share reports with stakeholders etc.

-Integrate reporting solution with the ID Portal



Reporting Design 



Reporting Portal



Reporting and auditing APIs



Y

Pilot: Basic canned reports only

ID System Administration

-Identify various administration use cases
-Modify the admininstration console to incorporate the use cases
-Create a "ID systems Administrators cook book"

Customized admin module
Administrators cook book

N

 

Public Portals

Discuss and identify the needs for creating public portals for various needs within the country such as
- Pre-registrations and appointment books for new registrations and updates
- Resident portal for downloading ID Cards, Updates to ID data etc
- Other portals as identified by the Govt.

Portals

N

 

Software Engineering processes for development, support and maintenance

Establishing DevOps pipelines for end to end lifecyle

End to End testing of the ID System

Fixing of issues on time

Establish mechanisms to work with MOSIP team on getting support issues resolved in a timely manner

Establish Governance mechanisms using tools for efficient management and tracking of the project

Software engineering processes setup

Incident Tracking (internal and external)

Test dasboards and reports

Project Tracker Dashboards

Y

Pilot : Consider the following

DevOps pipeline, Pilot testing as appropriate, Use MOSIP’s Jira Service desk for reporting platform issues, use simple but effective project management and Governance mechanisms.

Integrating with COTS

Integration with Commercial Off-the-Shelf software for things like
-Business Intelligence and Data Analytics
-Customer Relationship Management
-Card Management System (Card distribution, Tracking card)
-Document Management System
-Fraud management System
-Knowledge Management System
-Help desk & Call center

Identification and procurement of the COTS tools and integration

COTS tools

N

Some of these tools may be available as hosted applications on AWS

Setup Registration Centers and field operations

This would include setting up the registration centers with all the required devices, network infrastructure and peripherals needed for functioning of the registration center

 

Y

 

Field Pilots

Helping in performing various field pilots to demonstrate various solutions to stakeholders

 

 

 

Training and Capacity Building

Supervisor and operator training
ID systems adminstration training
Troubleshooting and Issues resolution

 

N

Supervisor and operator training may be done in a centralized location by trained ID professoinals or the country may appoint couple of trained ID professionals in different zones.

Card Printing

Enable ID Card Printing and assit the Govt in ID Card Issuance

Country ID Cards

Y

 

Acceptance and Go Live

Driving go live operations resolving issues as they occur quickly
Monitoring and making changes to the ID Systems as appropriate
Reporting
ID Card Issuance

 

Y

 

Grievance Redressal

Create a Grieviance Management system or integrate with existing system.
Evaluate automated mechanisms like BOTS, IVRs, Mobile Apps etc

 

N

Grieviences can occur duirng the pilot, while going live or when the system is actively running.

Transition

Transition and handover to a new service provider at the end of the tenure.

 

N

 

Technical Support

Provide a comprehensive support for a period of N years which incudes
-Logging and fixing field issues
-Liasoning with MOSIP to get platform issues resolved in a timely manner
-Liasoning with external hardware and software vendors in issues resolutions
-Create repeatable mechanisms for patching, upgrading and migrating to new versions as appropriate
-Create a Technical support practice document

Support tools
Support processes
Support Best Practices document

N

 

SLA Management

Adhere to the SLAs that has been agreed upon. Provide mechanisms in form of tools for
SLA monitoring
SLA reporting
Integration with Incident Management system

SLA monitoring and reporting tools

N