Skip to content

wmm-x/BIS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
inc
inc
 
 
kms
kms
 
 
src
src
 
 
uploads
uploads
 
 
vendor
vendor
 
 
.env
.env
 
 
README.md
README.md
 
 
admin-view.php
admin-view.php
 
 
application-view.php
application-view.php
 
 
approved-form.php
approved-form.php
 
 
cert-view.php
cert-view.php
 
 
composer.json
composer.json
 
 
composer.lock
composer.lock
 
 
dashboard.php
dashboard.php
 
 
generate-form.php
generate-form.php
 
 
index.php
index.php
 
 
issued-certificate.php
issued-certificate.php
 
 
login.php
login.php
 
 
manage-hospital.php
manage-hospital.php
 
 
pending-application.php
pending-application.php
 
 
pending-form.php
pending-form.php
 
 
register-hospital.php
register-hospital.php
 
 
rgd-dashboard.php
rgd-dashboard.php
 
 
view.php
view.php
 
 

Repository files navigation

Digital Birth Certificate Issuing System

A secure, enterprise-grade web application for issuing and managing digitally signed birth certificates with military-grade encryption and a custom Key Management Service.

The system leverages PHP for the main application backend, complemented by a dedicated Node.js and Express-based Key Management Service (KMS) for cryptographic key operations.

Project Overview

The Digital Birth Certificate Management System streamlines and secures the digital workflow for vital statistics management, designed specifically for the Registrar General's Department (RGD), hospital networks, and citizens.

Core Stakeholders

  • RGD Administrators – Hospital registration, application review, certificate issuance
  • Hospital Administrators – Application creation, approval workflows, and documentation
  • Parents/Citizens – Secure access to digitally signed birth certificates

Security Architecture

The system implements defense-in-depth security principles across multiple layers:

Security Layer Implementation
Transport Security TLS for all client-server communications
Data Encryption AES-256-GCM encryption with authenticated encryption
Key Management Dedicated Node.js KMS with secure key generation and rotation
Authenticity RSA-based digital signatures for non-repudiation
Access Control Role-based access control (RBAC) across three tiers

Encryption Strategy

  • Per-Record Encryption: Each birth certificate uses a unique AES-256-GCM key
  • Key Isolation: Encryption keys are generated, stored, and managed exclusively by the KMS
  • Database Security: All sensitive data is encrypted at rest
  • Signature Verification: Digital signatures ensure certificate authenticity and prevent tampering

Technology Stack

Layer Technology Purpose
Frontend HTML5, CSS3, JavaScript Responsive, user-centric interface
Backend (Application) PHP Core business logic and workflows
Backend (Key Services) Node.js , Express.js Dedicated KMS microservice
Database MySQL 8.0+ Encrypted data persistence
Encryption OpenSSL (AES-256-GCM, RSA) Industry-standard cryptography
Email Service PHPMailer with SMTP/TLS Secure certificate delivery

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages