Upload
stella-norman
View
215
Download
0
Tags:
Embed Size (px)
Citation preview
Web Conference Web Conference
onon
Global Dialogue on Technology Global Dialogue on Technology
Solutions Solutions
for for
E-ProcurementE-Procurement
Presented byPresented byVIDYADHAR MUTHYALAVIDYADHAR MUTHYALA
Project Manager,IT&C Department, Government of Andhra Pradesh, Project Manager,IT&C Department, Government of Andhra Pradesh, IndiaIndia
Government Procurement Processes
Preparation Execution Securities
Ordering & Payment
Pre-Qualification/Tendering
Catalogue
Reverse auctionPre-Qualification
Tracking Download Clarification Upload OpeningDisclosure
Iden
tific
atio
n of
nee
ds
Cal
l for
bi
ds o
r qu
otes
Sign
ing
of
cont
ract
Rec
eipt
of
prod
ucts
or
serv
ices
Exp
irat
ion
of
guar
ante
e
Pur
chas
e or
der
Contract Management
Tendering (Low Volume, High Value)
Purchasing (High Volume, Low Value)
Identify Supply Needs
Specify Requirements
Acquire Goods or Services
Manage Materials
Use, Disposeand Settle
Update Catalog ProvideSpecifications
Bid, ProcessOrder
MaterialsShipment
ProcessPayment
• e-Requisition• e-Approval• RFI, RFQ, RFP• Tenders
• Reverse Auction• e-PO• e-Release• e-Changes• e-Confirm
• e-documents:• ASN• Ship status• Receipt
• Supplier web report card
• e-Invoice• EFT
• Credit auth.• Debit auth.
• e-Credit/Debit
• e-Catalog• Pricing• Availability• Commit
• e-Configure
Buyer
Supplier
e-ProcurementProcesses
eProcurement Process spectrum
Standard e-GP system & Webpage V1.0
Standard e-GP system & Webpage V1.0
Technical Standards, Architecture, Functionalities & Interoperability
Technical Standards, Architecture, Functionalities & Interoperability
Procurement Law, Regulation & Policies
Procurement Law, Regulation & Policies
Procurement Documentation & Templates V 1.0
Procurement Documentation & Templates V 1.0
Civil Works Processes and Documents
Civil Works Processes and Documents
Products, Works, Services Codes & Identifiers V 1.0
Products, Works, Services Codes & Identifiers V 1.0
Procurement Training & Accreditation V 1.0
Procurement Training & Accreditation V 1.0
Standard systems & processes developed
and maintained nationally
State Governments Optional & Mandated
systems
State Governments Optional & Mandated
systems
National Ministries & Agencies
Mandated Systems
National Ministries & Agencies
Mandated Systems
AABB
DD
GGHH
KK
APAP
CC
Standard Model Approach
Firewall PIX 515e
Internet Cloud
Gate Way router
Internet Data Centers
Servers
L3 Switch
L2 Switch
IDS
L3 Switch
Firewall PIX 515eFailover
VSNL MAN VSNL MAN
E-Procurement Infrastructure DiagramE-Procurement Infrastructure Diagram
Procurement Portal•All policies and regulations available•Request hardcopy of documents•Tenders Seek facility•Awarded & Archived contract information•e-documents: Ship status, Receipt
Components of a e-Procurement System
Supplier Registration•Centralized Supplier database•Single Window•Supplier query handling
Indenting•Indent Generation & Approval•e-Requisition•e-Approval
e tendering•Early Bid Advice•Bid Advertising•Bid/Tender Document Download•Bid Addendum Notification•Bid Clarification•Electronic Bid Submission•Bid Tracking•Bid Search
e- Auctions•Bid Registration •e-Bid Document Construction (EBDC)•Bid Lodgement System (BLS)
Catalogue based Procurement•Catalogue search facilities•e-Catalog
•Pricing•Availability
•e-Configure
Bid Evaluation•Auto Bid Evaluation System •Bid Workflow and Data Management •Bid/Contract award•Pending award tracking
e- payments•Online Payment •e-Invoice•National Electronic Fund Transfer•e-Credit/Debit
Contract Management•Online measurement book for works•Delivery monitoring•Payment triggers
MIS Report•Audit trails, access logs•Spend Analysis•Demand Aggregation•Supplier web report card
Approval workflow•Uploads documents and drawings•Digital signatures•RFI, RFQ, RFP•Procurement mechanisms
Requisition Generation
Requisition Approval
Cost Estimation
Requisition Consolidation
Requisition TenderRequisition Tender Bidding Evaluation Bidding Evaluation
Tender Purchase
Bid Submission
Pre-Qualification
Technical Evaluation
Commercial Evaluation
Award of Contract
Bidder ProcessBidder Process**
Tender Creation
Tender Approval
Tender Publishing
Corrigendum
Pre-Bid Meeting
Payment ofEMD
E-Procurement Solution: E-Procurement Solution: Tender ManagementTender Management
RequestRequest&&
SourceSource
BuyBuy &&
PayPay MonitorMonitor
Salient Features - TechnologySalient Features - TechnologyStandards: Application has been strictly developed under CMM-LEVEL 5 & ISO 9001-2000
Certified Software Development Process.
Scalability: Built on .NET framework, hence promoting a neat implementation and
modularity.
Deployment: Based on Microsoft standards
Security: The application supports PKI (Public Key Infrastructure) i.e. usage of Digital
Certificates for Data Encryption and Signing.
Integration with Legacy Systems: The modular architecture can support Connectors and
XML based Services
Maintainability: Application based on .NET framework promotes neat coding standards
making the code manageable
Creates Indent
Selects Items
Enters detailsMechanical Accessories
SparesDelivery Periods
Delivery Locations
Submits for Approval
Next approver Logs in & Checks for pending tasks
Next approver checks the indent & edits if required or
Submits for next approval
Final approver checks the indent & edits if required or
Approves the indent
Final approver Logs in & Checks for pending tasks
Initiator logs in & Checks for pending tasks
C
INDENT / NIT MODULE
C
Initiator Submits for Approval
Next approver Logs in & Checks for pending tasks
Next approver Checks the tender & edits if required or
Submits for approval
Final approver Checks the tender & Edits/rejects/Reviews if required or
Approves
Final approver Logs in & Checks for pending tasks
Final approver Publishes the Tender
Published in E-Procurement portal
Initiator creates TenderTechnical Parameters
are entered/addedTender Details are entered
Bidder logs in using Digital Signature Certificate
Enters Technical, Price bid details
Enters Commercial terms details & attaches required documents
Encrypts &Submits
The Price Bid
Submits the bid
BID SUBMISSION MODULE
Competent Authority logs in
Assigns tender activities to concerned officers)
Initiator Logs in & Completes PQ, Technical & Commercial Evaluation in a Sequential manner
& Submits for next approval
Next approver Logs in & checks PQ, Technical & Commercial Evaluation in sequence &
Submits for next approval
Tender Inviting Authority Checks the evaluation & rejects/reviews or approves the tender
Tender Inviting Authority Decrypts the Tender
Tender is awarded
BID EVALUATION MODULE
6,600 Users at peak hour
Hours No. of Hits No. of Users
09:00 - 09:59 646,166 3,989
10:00 - 10:59 1,267,730 6,253
11:00 - 11:59 1,619,146 6,686
12:00 - 12:59 1,754,186 6,300
13:00 - 13:59 1,499,177 4,896
Total for the day 16,658,745 69,884
Peak Load Statistics from a Live SitePeak Load Statistics from a Live SiteSeptember 2008September 2008
Scalable to High VolumesScalable to High Volumes 580 nos. of tenders closed on 04580 nos. of tenders closed on 04thth Sep 2008 Sep 2008
Security & Authentication
Secured Hosting facility
Web security• SSL technology• Firewalls, Anti Virus, IDS
Two factor authentication• Password• Digital Certificates: IT Act 2000
Bid encryption at data base- Asymmetric public key Cryptographic method.
Audit trail of each activity
Good backup policy
Security audit by independent third party
Time stamping
Access control systems
Web Security…
Secured Socket layer
• SSL ensures security to data packets while transit over internet
• 128 bit encryption of data
• Snooping eliminated.
• Web server Digital Certificate authenticates the ownership of URL
Fire walls to filter unwanted traffic
• Protects services from Denial of Service attacks
• Malicious attacks, worms
Web Security
Intrusion detection system
• All packets are scanned for intrusion activity and malicious packets are dropped before reaching the server.
OS patches updated automatically
Anti-virus
• Real Time Protection Mode
• Application scans all uploads for virus at client end.
• All I/O and uploads are scanned in real time
• Cleans virus or quarantines infected files
• Updates signatures automatically
Two factor authentication
Single Factor (Password) authentication is weak and does not address repudiation issue. Hence, Two Factor Authentication is mandated in E-Procurement portal.
Mandatory Digital certificate authentication for secured login to the system
Digital certificates• Issued by CA authorized by CCA (Controller of Certifying
Authority), India• CA establishes trust chain• Class 2 certificates are issued after validating with documented
data base.• Certificate keys generated in pairs one is made public and other
is private
Bid encryption – Asymmetric public key cryptographic method
The Tender Inviting Authority publishes his public key at the time of NIT (Notice Inviting Tender)
Bidder signs the bid with his Digital Signature Certificate at the time of bid submission
The bid data is encrypted with a random key and random key is encrypted with public key of TIA (Tender Inviting Authority) and stored in data base.
At the time of bid opening the TIA decrypts the random key with his private key