Implementation of public key infrastructure for eprocurement system : a case of selected state corporations
Date
2012-06
Authors
Kanyinyi, Lawrence K.
Journal Title
Journal ISSN
Volume Title
Publisher
Strathmore University
Abstract
The dynamic character of the world means that it can be difficult to forecast future conditions
and thus flexible strategies may be needed to cope with uncertainty. E-Procurement has been
seen as a response to the uncertainties of relying paper work in the procurement processes. The
implementation of PKI in E-Procurement in State Corporations is an initiative that ensures
security and authenticity in procurement are maintained throughout the processes. The
implementation of such initiative is thus influenced by some internal and external factors and
some challenges.
This study evaluated the implementation of PKI in E-procurement in the Kenyan Parastatals.
This was done by utilizing guidelines of three objectives that is; 1) To determine the current
status of Public Key Infrastructure in state corporations, 2) To find out the challenges that state
corporations experience in the implementation of Public key Infrastructure in the E-Procurement
process, and 3) To establish a framework that government organizations can use in the
implementation of PKI in E-Procurement processes. The target population was sixteen (16)
selected Kenyan Parastatals. One respondent from Information Technology department, from
each organization was purposively selected to participate in the study. A self administered
questionnaire was applied in the data collection. The collected data was then be analyzed in
descriptive statistics technique by using a computer aided program; Statistical Package for Social
scientist (SPSS).
This study found that most of the State Corporations in Kenya have online services that use
PKI/SSL Certificate. In addition,secure email was the principal business function of the PKI-enabled
application. It was also established that state corporations were using CA service
providers to run their PKIs. The study also found that state corporations do not have a central
(public/private) key server. State corporations establish a PKI or digital certificate services for
authentication (Single Sign On or Access Control), transport security (e.g. IPSec, wireless) and
for document Signing (or "non repudiation").
PKI can help in ensuring that bidder's information is be kept private, 111" supporting
confidentiality in the processes and in ensuring identity of an individual and in promoting trust in
use of the system.
Description
Submitted in partial fulfillment of the requirements for the Degree of Master of Science in
Information Technology
Keywords
Procurement, e-procurement, Public key infrastructure, state corporations