Advanced Information Management and Security
Advanced Information Management and Security (AIMS) has been created to support information management system and address specific needs of ITU and its members. It provides mutual and secure client authentication and ensures interoperability among diverse set of information systems. AIMS is integrated with external audit trail systems.
Pillars of AIMS
Security
Interoperability
Trust
Ownership
Security
Encrypt everything
- End-to-end encryption between client and server.
- Sensitive information stored in encrypted format within IRP Records.
- All information encrypted before being stored on disk.
- Uses latest cryptographic algorithms.
- All messages are signed using a unique private key which can be verified using its matching public key.
Interoperability
One Message Structure
- Clearly defined and agreed request and response structure.
- No vendor lock-in.
- Translates message between systems, freeing developers to focus on features.
- Unified messaging structure with service operation endpoints.
- Disparate applications-process communications from standardized endpoints.
Trust
Zero Trust
- Never trust, always authorize – no assumption made about previous permissions.
- All messages are signed using a unique private key which can be verified using its matching public key.
- Revision tracking of changes & integration with external auditing systems for irrefutable logs.
Ownership
Open Standards
- Built upon Open and Non-Discriminatory standards and tools.
- Data owner decides who gets access to their personal data for a limited time.
- Freedom to host their data wherever they please yet being able to interoperate with disparate systems.
- Data stored in open format, no vendor lock-in.