NCDC Overview

The Government of Saudi Arabia has embarked on an ambitious electronic transactions program, recognizing that there is a tremendous opportunity to better utilize information technology to improve the quality of care/service, lower the cost of operations, and increase customer satisfaction. To ensure the secure, efficient transmission and exchange of information electronically MCIT has created a National Public Key Infrastructure as part of its mandate to develop the ICT sector in the country, named as National Centre for Digital Certification (NCDC). NCDC is created by an act of law and its mandate is stipulated in the Saudi e-Transaction law, articles 19 & 20

                NCDC provides trust services to secure the exchange of information between key stakeholders. Participants include government, citizens and the business sectors.

National Center For Digital Certification Goals

img

NCDC has the following goals:

  • Supervise the tasks relating to management of digital certificates; coordinate matters relating to standards and specifications; prepare regulations and policies to organize.
  •  The Center’s work; develop and promote the usage of digital certificates in the Kingdom.
  • Define the technical specifications for the Certificates Issuance System, certificate contents and form, electronic signature initiation process, and its documentation system.
  • Determine the controls for issuance, sending, maintaining and cancellation of digital certificates.
  • Manage the related PKI policies and procedures.
  • Qualify new Certificate Services Provider’s request in the kingdom.
  • Manage the relationship between the different Certification Services Providers.
  • Assist in developing regulations to organize the electronic transactions and to coordinate with the concerned authorities.
Policies and Regulatory Stander
Policies and Regulatory Stander
The policies and regulatory standards of the PKI in the Kingdom have been developed through the Supreme Committee for PKI Policies and Regulations. This has been commissioned with addressing the regulatory aspects of certification, use controls, developing national policies and procedures, governing the provision of the service, such as the licensing of service providers, the mechanism for supervising the operation of certification centers (CA) and registration centers(RA Room), and follow-up and auditing methods
NCDC’s Strategy
NCDC’s Strategy
The NCDC’s strategy for the management of PKI in the Kingdom is based on a structural model that contains the Saudi National Root CA and CAs/CSPs, where the NCDC hosts and manages Root and Government CAs/CSPs in a single security centre called the NCDC Shared Service Center (NCD-SSC). All CAs/CSPs work together to issue digital certificates of different types (encryption certificate, identity certificate, digital signature certificate) for beneficiaries, to enable e-Government or e-commerce users to conduct their electronic transactions with entire confidentiality, trust and safety.