2018 KAFA: A novel interoperability open framework to utilize Indonesian electronic identity

awangga@poltekpos.ac.id

Abstract
Indonesian citizens have an electronic citizen card called e-KTP. e-KTP is an NFC-based technology embedded inside the Indonesian citizenship identity card. The e-KTP technology has never been used since it was officially launched by the government. This research proposes an independent framework for bridging the gap between Indonesian regulation for e-KTP and commercial use in many commercial and organizational sectors. The framework proposes interoperability through a novel combination of components: an e-KTP reader, middleware and a web service. KAFA (e-KTP Middleware and Framework) implements the Internet of Things (IoT) concept to make it an open and independent standard. The framework uses a federation mode, or decentralized data, for interoperability, to make sure it does not break privacy law. An extended development of the AES-CBC cipher algorithm was used to encrypt the data in transport between middleware and web


Open Hardware
Arduino is an open-source platform to facilitate the use of electronics in various fields. Arduino uses an Atmel AVR processor on a physical board (often referred to as a microcontroller), and its software, which has its own programming language, is an IDE (Integrated Development Environment) that runs on your computer and is used to write and upload computer code to the physical board. The Arduino IDE is used to write and compile programs for Arduino and to upload the compiled programs to the Arduino board's program memory [7].

NFC
Near Field Communication (NFC) is a communication technology that runs wirelessly at a high frequency; it can work within 20 cm at 13.56 MHz. It can transmit data at three speeds: 106 Kbit/s, 212 Kbit/s and 424 Kbit/s. NFC has two work modes, initiative mode and passive mode [12]. Card emulation mode: in this mode, the NFC tag is equivalent to an IC card that adopts RFID technology. The NFC tag can replace many IC cards in use now (including credit card, entrance card used in supermarket, easy card, control card, ticket to vehicle, ticket to door and so on). A great advantage of this mode is that the RF field of the contactless card reader can supply power to NFC tags, so the tag can work even when the host device is out of battery. The NFC tag must be equipped with a Security Element (SE for short) if it is to use the Card Emulation function [8].
An NFC reader has two tasks: receiving commands from software and communicating with NFC tags. The NFC reader is the link between software applications and the antenna that radiates radio waves to NFC tags. Radio waves emitted by the antenna gather in the space around it, so that data can be transferred wirelessly from or to an NFC tag located adjacent to the antenna [13]. In this discussion, the NFC reader is built from two microcontrollers, the Arduino UNO board and the PN532 NFC shield. Communication between the Arduino UNO board and the PN532 NFC shield can use the I2C (Inter-Integrated Circuit, pronounced I squared C) protocol or the SPI (Serial Peripheral Interface) protocol [14].

AES-CBC URL Encrypt
AES-CBC is one of the standard methods of encryption, built on AES, also known as the Rijndael algorithm [15]. AES is a symmetric key algorithm that helps prevent information from being passed in clear text. Both the sender and the receiver use a single key of up to 16 characters for encryption and decryption, together with an initialization vector [16]. This process requires a minimum of 128 bits of data in the encryption. The AES-CBC method involves an Initialization Vector (IV) for XOR operations. Both the encryption and the decryption process are done with a key. They must have a data length of 128 bits [17]. The process of encryption and decryption is as follows. To perform an encryption operation, the plaintext must have a length that is a multiple of 128 bits; the first plaintext block is XORed with the IV before it is encrypted with the key. The encryption process creates a ciphertext. To recover the data, the ciphertext is first decrypted with the key; after the decryption process, the XOR operation with the IV is applied to the decryption result to produce the plaintext [16].
AES-CBC is adopted by many organizations around the world because of its simplicity and flexibility in the implementation stage. AES-CBC is used in various applications ranging from smart cards to large servers. In fact, hardware implementations of AES are well suited to resource-constrained embedded applications like satellites [16]. Several other advantages of choosing AES-CBC are that it is a symmetric key cipher, lightweight and more secure when compared to others [18]. The cipher is merged with the created instance of the AES algorithm [19]. Typically, the CPU memory on these IoT devices is a scarce resource. Hence, implementation of AES-CBC will not cause memory footprint overloads [18].

Federation Model
The federation model is best suited to situations where an existing collection of autonomous and possibly heterogeneous databases is required to be shared. After authentication, the user can request data from any one of the databases within the federation. The owner institution has full control over its local databases and has the liberty of choosing among different configurations for different levels of autonomy, degree of replication, and cross-registration of each data resource [20]. Cloud architectures also implement the federation model as single-sign-on authentication [21], a real-time application [22], a service model [23], a scalable peer-to-peer approach [24], and a reservoir model [25].

Experiment and Results
KAFA consists of three platform parts, shown in Figure 1.

e-KTP Reader
Open hardware was chosen to build the e-KTP reader to fulfill the open standard of this framework. The e-KTP reader consists of a PN532 sensor and an Arduino. The PN532 sensor is connected to the Arduino to read the NFC on the e-KTP. The wiring between the Arduino and the PN532 sensor is shown in Table 1. The PN532 is set to I2C mode. After wiring, the code from 3 is pushed to the Arduino; Figure 3 shows some of the Arduino code used to read NFC tags in the e-KTP. The reader reads the NFC ID of the e-KTP and passes it over serial communication to the computer.

Middleware and Web Service Deployment
The middleware code, written in Python, is shown in Figure 4. The e-KTP ID passes from the middleware to the web service after being encrypted using the AES-CBC cipher algorithm in Figure 4. The web service receives the e-KTP ID data and decrypts it. The web service code is shown in Figure 5. The web service is customizable to connect to many APIs, applications or databases in an existing business environment. The demonstration is shown in Figure 6.
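
The CBC steps described in the AES-CBC section and the middleware-to-web-service hand-off described above, as an added example that is not the paper's code from Figures 4 and 5. It uses the Python cryptography package; the function names, the sample key and the card ID are constructed for illustration. PKCS#7 padding, a fresh random IV sent in front of the ciphertext, and URL-safe base64 encoding are assumptions, since the page does not state how the original handles them.

```python
import base64
import os

from cryptography.hazmat.primitives import padding
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

BLOCK = 16  # AES block size in bytes (128 bits)


def cbc_encrypt_manual(key, iv, padded):
    """CBC built from the single-block AES operation, to expose the chaining."""
    aes = Cipher(algorithms.AES(key), modes.ECB()).encryptor()
    prev, out = iv, b""
    for i in range(0, len(padded), BLOCK):
        # XOR the block with the IV (first block) or with the previous
        # ciphertext block, then encrypt the result with the key.
        mixed = bytes(p ^ c for p, c in zip(padded[i:i + BLOCK], prev))
        prev = aes.update(mixed)
        out += prev
    return out


def encrypt_id(key, card_id, iv=None):
    """Middleware side (hypothetical helper): pad, encrypt, encode for a URL."""
    iv = iv or os.urandom(BLOCK)  # assumption: fresh random IV per message
    padder = padding.PKCS7(128).padder()  # assumption: PKCS#7 padding
    padded = padder.update(card_id.encode()) + padder.finalize()
    ciphertext = cbc_encrypt_manual(key, iv, padded)
    return base64.urlsafe_b64encode(iv + ciphertext).decode()


def decrypt_id(key, token):
    """Web service side (hypothetical helper): split off the IV, decrypt, unpad."""
    raw = base64.urlsafe_b64decode(token)
    iv, ciphertext = raw[:BLOCK], raw[BLOCK:]
    # The library's CBC mode decrypts each block with the key and then XORs it
    # with the IV or the previous ciphertext block.
    dec = Cipher(algorithms.AES(key), modes.CBC(iv)).decryptor()
    padded = dec.update(ciphertext) + dec.finalize()
    unpadder = padding.PKCS7(128).unpadder()
    return (unpadder.update(padded) + unpadder.finalize()).decode()


KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # constructed sample key
CARD_ID = "04A1B2C3D4E5F6"  # constructed NFC ID, not a real e-KTP value

if __name__ == "__main__":
    token = encrypt_id(KEY, CARD_ID)
    print(token, decrypt_id(KEY, token))
```

Decrypting with the library's own CBC mode confirms that the hand-built chaining matches it. CBC provides confidentiality only, so a web service accepting such a token from a URL would also need an integrity check (for example an HMAC over the IV and ciphertext) before trusting the decrypted ID.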

Conclusion
KAFA is a first release of an open standard for e-KTP interoperability. The framework is independent, for utilizing the Indonesian electronic identity card in many business processes.