Professional Documents
Culture Documents
Many government ministries offer some kind of fee-based service to the public, and encourage online payment for these services via credit card. For example, the public can access government web sites to pay speeding tickets, purchase recreational fishing licenses, or book national park campgrounds online. In CGIs original solution, inputting a credit card number invoked their payment gateway at the finance ministry, which then acted as the central clearing house. Fundamentally, the payment gateway was technologically sound, but adding new merchants incurred a large IT overhead. To control costs while expanding their portfolio of fee-based services, the government required a more flexible way to add new Ministries and/or new Ministry services on an ad hoc basis. Additional criteria included support for encryption and digital signing that would be part of an overall push toward PCI compliance.
and submits it to the existing ASP-based Web interface, which in turn submits it to a handler behind several based security zones. The handler sends the response, including a transaction ID, which the client must send back to confirm the transaction, otherwise the transaction is rolled back. he The SecureSpan Gateway allows CGI to define and enforce security policies at run-time, as well as perform XML , schema validation for threat protection The Gateways native X.509 capabilities are used to provide an alidation protection. provi authentication/authorization framework in conjunction with the finance ministrys existing LDAP service. The inistrys service Gateway also provides message level cryptography including signature validation and decryption of incoming cryptography, content.
The Results
Today, over 20 Ministries are taking ad advantage of the new PCI-compliant credit card payment system, with more system being added every month on an ad hoc basis. We made a good decision two years ago in Centralized enforcement of security policies gave CGI consistent security across all choosing Layer 7s applications thereby eliminating the time and effort associated with coding and applications, SecureSpan Gateway, and maintaining security details in each back back-end application. we are very satisfied with The XML VPN Client allowed CGI to essentially drop in a software solution that the results! would handle all encryption, digital signing and other credentialing independent of Marc Bourassa, Director, the client application while ensuring PCI compliance. This allowed CGI to avoid . Consulting Services, having to code (and subsequently test and deploy) security requirements in each of ) Financial Services Sector, CGI Group, Inc. the Ministrys client applications a key capability in allowing CGI to meet project timelines timelines.
Copyright 201 by Layer 7 Technologies, Inc. (www.layer7tech.com). 2011 All other trademarks are the property of their respective owners Layer 7 Internal Use Only owners.