Upload
mimir
View
54
Download
0
Tags:
Embed Size (px)
DESCRIPTION
ASSOCIATION OF SERBIAN BANKS (ASB) CREDIT BUREAU (CB). CREDIT BUREAU. Rade Bačković, CB Head Predrag Rajačić, Belit Srećko Atana s ković, E-smart systems. AGENDA. FOUNDATION DEVELOPMENT CHARACTERISTICS OF THE SOLUTIONS EF FECTS OPINIONS TECHNOLOGY ASPECTS IS CHARACTERISTICS. - PowerPoint PPT Presentation
Citation preview
CREDIT BUREAU
ASSOCIATION OF SERBIAN ASSOCIATION OF SERBIAN BANKSBANKS (ASB)(ASB)
CREDIT BUREAU (CB)CREDIT BUREAU (CB)
Rade Bačković, Rade Bačković, CB HeadCB HeadPredrag Rajačić, BelitPredrag Rajačić, BelitSrećko AtanaSrećko Atanassković, E-smartković, E-smart systems systems
AGENDA
FOUNDATION DEVELOPMENT CHARACTERISTICS OF THE
SOLUTIONS EFFECTS OPINIONS TECHNOLOGY ASPECTS IS CHARACTERISTICS
FOUNDATION1. FOUNDED ON 18.02. 2004 WITHIN ASB
PURSUANT TO THE AGREEMENT CONCLUDED BETWEEN ASB AND BANKS
2. BECAME OPERATIONAL ON NOVEMBER 15TH 2004
3. DATA SOURCES AND USERS OF THE REPORTS ARE:
ALL BANKS (43) ALL LEASING COMPANIES (13) ALL GOVERNMENT AGENCIES AND FUNDS
(GUARANTEE FUND, DEVELOPMENT FUND, EXPORT FINANCING AGENCY, ETC.)
A NUMBER OF TRADERS
FOUNDATION
4. CURRENT ACTIVITIES ARE THE INCORPORATING OF:
THE TAX ADMINISTRATION LARGE TRADE ORGANIZATIONS
IN THE NEXT PHASE OTHER SOURCES WIL GET CONNECTED: TELCOS, PUBLIC SERVICE ORGANIZATIONS, ELECTRIC POWER SUPPLY COMPANY, AND OTHERS)
5. ADMINISTRATION AND MANAGEMENT BODIES:1. ASB MANAGING BOARD2. BUSINESS COUNCIL – OPERATIVE BODY3. MANAGER FROM THE ASB
DEVELOPMENT
1. DATA SOURCES WERE INCORPORATED INTO THE SYSTEM ACCORDING TO THE SIZE OF CITIZENS’ AND LEGAL ENTITIES’ OBLIGATIONS:
BANKS LEASING COMPANIES DEVELOPMENT FUND STATE (TAXES) RETAIL OTHER INSTITUTIONS (TELCOS, PUBLIC SERVICE
ORGANIZATIONS, AND OTHERS)
2. THE FIRST TO BE SUPPORTED WERE CITIZENS’ OBLIGATIONS, FOLLOWED BY OBLIGATIONS OF LEGAL ENTITIES TO INSTITUTIONS STATED ABOVE
CHARACTERISTICS OF THE SOLUTIONS1. COMPLETELY SELF-DEVELOPED SOLUTION (THE FIRST
CB WAS FOUNDED IN SERBIA IN 1928 AND LASTED UNTIL 1941, EXPERIENCE OF THE 26 CBs WORLDWIDE WAS EXAMINED)
2. COMPLETE DATA ON CITIZENS’ AND LEGAL ENTITIES’ OBLIGATIONS, BECAUSE CB IS RECEIVING DATA FROM ALL CREDITORS AND ABOUT ALL THEIR CUSTOMERS
3. DATA ARE UPDATED DAILY
4. FOR CITIZENS, DATA ARE MAINTAINED ABOUT THEIR: REAL OBLIGATIONS (LOANS, LEASING, CREDIT
CARDS, OVERALL CREDITS UNDER CURRENT ACCOUNTS AND ACTIVATED WARRANTIES)
CHARACTERISTICS OF THE SOLUTIONS CONTINGENT LIABILITIES (CITIZENS’ WARRANTIES), AND REGULARITY IN MEETING THE OBLIGATIONS
5. FOR LEGAL ENTITIES DATA ARE MAINTAINED ABOUT THEIR: REAL OBLIGATIONS, LOANS, LEASING, ACTIVATED
GUARANTEES,ACREDITIVES) CONTINGENT LIABILITIES (WARRANTIES, GUARANTEES, NON-
COVERED ACREDITIVES, AVALS)
6. DATA SOURCES SOLVE THE CLAIMS ON DATA INTEGRITY ON THEIR OWN, AND MAKE CHANGES IN THE DATA, AS THE DATA FALL UNDER THEIR COMPETENCE
7. BANK COUNTERS (1700) ARE THE CB COUNTERS
8. FOR DIFFERENT SERVICES DIFFERENT REPORTS EXIST, AS WELL AS A REPORT WITH A SCORING
CHARACTERISTICSOF THE SOLUTIONS
9. REPORT FOR A CITIZEN FROM CB MAY BE OBTAINED ONLY WITH THE PERSONAL SIGNED CONSENT OF THE CITIZEN, AND THE REPORT FOR A LEGAL ENTITY WITH THE CONSENT OF THE AUTHORIZED PERSON
10. THE TIME BETWEEN APPLYING FOR AND RECEIVING THE REPORT TAKES ABOUT 7 SECONDS ON AVERAGE
EFFECTS
1. ENFORCING ORDER TO BANK DATABASES2. SETTLED OBLIGATIONS FROM THE PAST3. THE TIME OF REQUEST PROCESSING
SIGNIFICANTLY REDUCED AND, CONSEQUENTLY, THE REQUEST PROCESSING COSTS
4. BANKS ENABLED TO INTRODUCE NEW PRODUCTS
5. LOWER INTEREST RATES DUE TO LOWER RISK6. CITIZENS’ OVER-INDEBTEDNESS PREVENTED
OPINIONS
1. INTERNATIONAL MONETARY FUND – THE CREDIT BUREAU IN SERBIA IS A SUCCESS STORY
2. THE WORLD BANK – A UNIQUE PROJECT IN THE WORLD
3. NATIONAL BANK OF SERBIA – INTRODUCED OBLIGATORY OBTAINING OF REPORTS FOR ALL LOAN AND LEASING USERS
Data Submission
Daily submission of data (submission of new data, and changes in the status and values of the existing data)
Defined standards for data exchange between Data Source and the Credit Bureau
Client applications for data import and transmission
Syntax and semantic validation in the data source
Digitally signed data
Data Acceptance
Data submission into private data source space
Data source responsible for accurate and updated data
Only Data source is authorized to add, change or remove data
Access to data only on the basis of the consent given by client
Reporting
Client application for report issuance A possibility of the B2B option (client
application integrated in report user’s information system)
Digitally signed approvals Report generation in electronic form
approval-based search of private spaces filling the reporting database generation of encrypted pdf report document report submission to the user
Technology, services, products
MS Windows 2003 Server platform: MS Windows 2003 Server (Standars or Enterprise) OS MS Network services (DNS, DHCP, IPSEC) MS Active Directory (W2k3) MS Message Queue services (Http Support) MS Certificate Services Schlumberger CSP, MS Smart Card services, Cryptoflex 8k v2
smart cards MS IIS 6.0 (ASP.NET) .NET Framework 1.1 ADO.NET MS SQL 2005 MS Exchange 2003 MS ISA Server 2004 Development platform VS .NET 2003
IS ArchitectureBanka korisnik
Server Izvora podataka
Baza podataka trenutnih
stanja
KreditReportApl
PAKETIXML dokumenti,
digitalnono potpisani
Https, autentikacija putem sertifikata, razmena digitalno potpisanih poruka, provera digitalnog potpisa
Kredit biro
Privatni prostor
Infrastruktura, Directory
Data Serveri
WEB Serveri
Aplikativni Serveri
websKomunikator
websPP
winsPP
MSMQ
File serveri
Zakupljena
Upravljanje
WEB Serveri
Aplikativni Serveri DB Upravljanje
webAextCli
webAintCli
websExtCli
websIntCli
MSMQ
winsUpravljanje
Upravljanje
Produkcija
Aplikativni Serveri DB Produkcija
webAintCli
winsProdukcija websProdukcija
MSMQ
Produkcija
Izveštavanje
Reporting Serveri File serveri DB IzvestavanjeAplikativni serveri
MSMQwebsIzvestajiMSSQL
Reporting Services
winsIzvestaji
Izvestaji
Infrastruktura
Infrastruktura, Directory
Kolaboracija
Firewall
File Services
Auditimg & Monitoring
IS Banke
DB serveri Baze podataka IS banke
Eksport podataka
Podaci za import
Pravila Importa i validacije podataka
KB klijent (šalter)
Razmena paketa
Web interfejsi eksternog klijenta
Https, autentikacija putem sertifikata, razmena digitalno potpisanih poruka, provera digitalnog potpisa
KB Interni Klijent
Produkcioni klijenti
Server resources...
Over 30 servers grouped by functions: Domain controlers, Ifrastructure servers (DNS, DHCP), CA servers Colaboration servers, File and FTP servers, Data servers Application servers Web servers
Phisical resource allocation
Communications and connecrions
Security aproach...
• Clear security commitmentClear security commitment• Full member of the security communityFull member of the security community• Microsoft Security Response Center Microsoft Security Response Center
SDSD33 + Communications + Communications
Secure by DesignSecure by Design
Secure by DefaultSecure by Default
Secure in Secure in DeploymentDeployment
CommunicationsCommunications
• Secure architectureSecure architecture• Security aware featuresSecurity aware features• Reduce vulnerabilities in the codeReduce vulnerabilities in the code
• Reduce attack surface areaReduce attack surface area• Unused features off by defaultUnused features off by default• Only require minimum privilegeOnly require minimum privilege
• Protect, Detect, Defend, Recover, ManageProtect, Detect, Defend, Recover, Manage• Process: How To’s, Architecture GuidesProcess: How To’s, Architecture Guides• People: TrainingPeople: Training
Security Perimeters
Internet
InternetFWBU1GB NetInterface
100MB NetInterface
Kredit biro
Internet
InternetFW
Privatni prostor
Web Serveri KB
PPFW
SEGMENT PP
Web Serveri KB
1GB NetInterface
100MB NetInterface
1GB NetInterface
100MB NetInterface
Interni klijenti Kredit biroa
KBFW
SEGMENT KB
100MB NetInterface
Interni klijent
SEGMENT IK
1GB NetInterface
B2B Architecture - resources
IS Banke
KBRazmena
IS KB
KBWS
KB Web Serveri
KBSrv
Direktni korisnici
Klijenti za rapidan unosRealizacija rapidnog unosaOn-line korisnici
Off-line korisnici
(HTTPS - Tunel)
(HTTPS - Tunel)
(HTTPS - Tunel)
HTTP (SOAP)
HTTP (SOAP)
HTTP (SOAP)
Credit Bureau facts ... Web and Windows services oriented system with fully
integrated Identity management based on digital certificate on Smart Card
50+ Data sources with daily updates 80 GB Data Base 3,000,000 citizens 380,000 enterprises more than 1700 external clients Availability period 8-20 2-4 seconds response time 8000 reports daily Highly automated (5 business people and 4 support man) Scalabe Ready for interconnection…