OpenCRVS
v1.7
v1.7
  • 👋Welcome!
  • CRVS Systems
    • Understanding CRVS
    • Effective digital CRVS systems
    • OpenCRVS within a government systems architecture
    • OpenCRVS Value Proposition
  • Product Specifications
    • Functional Architecture
    • Workflow management
    • Status Flow Diagram
    • User roles & scopes
      • Examples
    • Core functions
      • 1. Notify event
      • 2. Declare event
      • 3. Validate event
      • 4. Register event
      • 5. Print certificate
      • 6. Issue certificate
      • 7. Search for a record
      • 8. View record
      • 9. Correct record
      • 10. Verify record
      • 11. Archive record
      • 12. Vital statistics export
    • Support functions
      • 13. Login
      • 14. Audit
      • 15. Deduplication
      • 16. Performance management
      • 17. Payment
      • 18. Learning
      • 19. User support
      • 20. User onboarding
    • Admin functions
      • 21. User management
      • 22. Comms management
      • 23. Content management
      • 24. Config management
    • Data functions
      • 25. Legacy data import
      • 26. Legacy paper import
  • Technology
    • Architecture
      • Performance tests
    • Standards
      • FHIR Documents
        • Event Composition
        • Person
        • Registration Task
        • Event Observations
        • Locations
    • Security
    • Interoperability
      • Create a client
      • Authenticate a client
      • Event Notification clients
      • Record Search clients
      • Webhook clients
      • National ID client
      • FHIR Location REST API
      • Other ways to interoperate
  • Default configuration
    • Intro to Farajaland
    • Civil registration in Farajaland
    • OpenCRVS configuration in Farajaland
      • Application settings
      • User roles
      • Declaration forms
      • Certified Copies templates
    • Business process flows in Farajaland
  • Setup
    • 1. Planning an OpenCRVS Implementation
    • 2. Establish project and team
    • 3. Gather requirements
      • 3.1 Mapping business processes
      • 3.2 Mapping offices and user types
      • 3.3 Define your application settings
      • 3.4 Designing event declaration forms
      • 3.5 Designing a certified copy
    • 4. Installation
      • 4.1 Quick start: Set-up a local development environment
        • 4.1.1 Install the required dependencies
        • 4.1.2 Install OpenCRVS locally
        • 4.1.3 Starting and stopping OpenCRVS
        • 4.1.4 Log in to OpenCRVS locally
        • 4.1.5 Tooling
          • 4.1.5.1 WSL Support
      • 4.2 Configure: Set-up your own, local, country configuration
        • 4.2.1 Fork your own country configuration repository
        • 4.2.2 Set up administrative address divisions
          • 4.2.2.1 Prepare source file for administrative structure
          • 4.2.2.2 Prepare source file for statistics
        • 4.2.3 Set up CR offices and Health facilities
          • 4.2.3.1 Prepare source file for CRVS Office facilities
          • 4.2.3.2 Prepare source file for health facilities
        • 4.2.4 Set up employee users, and scopes, for testing or production
          • 4.2.3.1 Prepare source file for employees
          • 4.2.3.2 Configure roles and scopes
        • 4.2.5 Set up application settings
          • 4.2.5.1 Managing language content
            • 4.2.5.1.1 Informant and staff notifications
          • 4.2.5.2 Configuring Metabase Dashboards
        • 4.2.6 Configure certificate templates
        • 4.2.7 Configure declaration forms
          • 4.2.7.1 Configuring an event form
        • 4.2.8 Seeding & clearing your local databases
        • 4.2.9 Countryconfig API endpoints explained
      • 4.3 Deploy: Set-up a server-hosted environment
        • 4.3.1 Verify servers & create a "provision" user
        • 4.3.2 TLS / SSL & DNS
          • 4.3.2.1 LetsEncrypt https challenge in development environments
          • 4.3.2.2 LetsEncrypt DNS challenge in production
          • 4.3.2.3 Static TLS certificates
        • 4.3.3 Configure inventory files
        • 4.3.4 Create a Github environment
          • 4.3.4.1 Environment secrets and variables explained
          • 4.3.4.2 VPN Recipes
        • 4.3.5 Provisioning servers
          • 4.3.5.1 SSH access
          • 4.3.5.2 Building, pushing & releasing your countryconfig code
          • 4.3.5.3 Ansible tasks when provisioning
        • 4.3.6 Deploy
          • 4.3.6.1 Running a deployment
          • 4.3.6.2 Seeding a server environment
          • 4.3.6.3 Login to an OpenCRVS server
          • 4.3.6.5 Resetting a server environment
        • 4.3.7 Backup & Restore
          • 4.3.7.1 Restoring a backup
          • 4.3.7.2 Off-boarding from OpenCRVS
    • 5. Quality assurance testing
    • 6. Go-live
      • 6.1 Pre-Deployment Checklist
    • 7. Operational Support
    • 8. Monitoring
      • 8.1 Application logs
      • 8.2 Infrastructure health
      • 8.3 Routine monitoring checklist
      • 8.4 Setting up alerts
      • 8.5 Managing a Docker Swarm
  • General
    • Community
    • Contributing
    • Migration notes
    • Releases and upgrades
    • Release notes
    • Product roadmap
Powered by GitBook
On this page
  • Key security points
  • Data security framework
  1. Technology

Security

PreviousLocationsNextInteroperability

Last updated 2 months ago

We treat the security of OpenCRVS and the personally identifiable citizen data it stores with utmost care.

Every release of the OpenCRVS application and infrastructure has been security penetration tested by an independent, and certified 3rd party to UK government standards.

Penetration tests of OpenCRVS have been performed by , on behalf of UNICEF, and - preferred security testing provider.

As an example, Plc conducts security assessments for public and private organisations in the form of white hat penetration testing (aka ethical hacking) to simulate an adversary attacking the system and identifying vulnerabilities that may be exploited to compromise data confidentiality, integrity and availability.

Gofore pentesters utilise proven pentesting methods of code review, automated enumeration scans via the public internet, fuzzing with diverse input, and manual tests. The security assessment was conducted in two rounds, first to identify and report vulnerabilities, and then reassessed to ensure reported vulnerabilities were resolved.

"Already from the results of the first assessment, it was evident that the OpenCRVS web application had a good security posture. The web application security fundamentals were sound."

Gofore Cyber Security Consultant

Key security points

Two factor authentication

Our server SSH access, mobile application and microservices are secure, protected by utilising . 2FA codes are sent to the user's mobile device in order log in either via SMS or Google Authenticator. These codes ensure that only users with access to authenticated hardware can access OpenCRVS.

Access controls and audit trail

User types and access controls are managed in order to segregate personally identifiable data to only to the users who need it. These user types can be set up in the Team GUI accessible by National and Local System Administrators. Every access to a specific declaration or registration is audited in order to track who viewed the data thus protecting citizen rights. All access to OpenCRVS servers and infrastructure health is logged and monitored in . SSH access to servers requires Google Authenticator 2FA.

Ansible provisioned firewall & SSH 2FA (VPN requirement)

OpenCRVS automatically provisions a secure firewall to OpenCRVS on each node. SSH users are configured to use Google Authenticator 2FA when connecting via a Terminal. Every SSH access prompts an automated alert to technical teams via Slack. Note: OpenCRVS should only be installed behind a separately configured and managed, government owned VPN.

TLS certificate

Database encryption

Rate limiting

OpenCRVS authentication and API gateway is rate limited to prevent abusive attacks such as "DoS Denial of service" and "Brute Force". Rate limiting is a technique used to control the number of requests a user or system can make to an API or service within a specified timeframe, preventing abuse and ensuring fair resource distribution.

Data security framework

OpenCRVS is software to digitally enable civil registration processes and as such is designed to digitally store and process personally identifiable information (PII) and also create copies of official documentation including unique identifiers for citizens. It is a technical solution that is regularly penetration tested to industry standards, and where technically possible, OpenCRVS provides solutions to mitigate against common threats.

However, OpenCRVS is used within the context of human day-to-day work and interaction with the outside world. This is a world where we should expect criminals to continually adapt and attempt to gain access to valuable citizen data. The constantly evolving cyber-security landscape includes social engineering methods, machine learning and artificial intelligence. Criminals may adopt these techniques to exploit staff who use OpenCRVS and attack the servers and networks on which it is installed.

Reacting to such threats often falls outside the scope of what a technical system is capable of independently defending against. Therefore data security policies and procedures must be developed and adhered to by implementing project teams and operational staff when setting up and using OpenCRVS.

  • An understanding of data security and privacy risks.

  • An understanding of the technical steps taken in OpenCRVS to mitigate against these risks.

  • A guidance framework for the development of context-specific data security policies and procedures that should be designed and introduced by a government that has chosen to install OpenCRVS and digitise their civil registration system.

  • Security guidance for project managers and all staff involved on a temporary or continual basis in the following stages of an OpenCRVS project: a) design & implementation b) monitoring & maintenance and c) day-to-day usage of OpenCRVS.

Data security policies and procedures must be defined, implemented and updated by governments appropriate to their own contextual needs and should be informed by publicly available content specific to the subject of data security and not exclusively from this document. Some example reference links are provided in the appendix, which may prove useful for developing such policies.

\

OpenCRVS data is encrypted in transit via an SSL certificate that can be automatically provisioned and rotated by signed by , depending on DNS and VPN configuration.

Encryption keys to the databases, API keys and sensitive environment secrets are never stored in .env files but instead are stored in RAM in inaccessible and provided to deployment by inaccessible .

We provide a "Data Security Framework" document explained further with a video in . The purpose of this document is to provide organisations with:

CREST
CyberEssentials
MDSec
The Guardian Project
Gofore
NORAD's
Gofore
2-Factor Authentication
OAuth JWT best practices
Kibana
Traefik
LetsEncrypt
Docker Secrets
Github Secrets
this section