July 2008

Information Security Issues in e-Governance

Views: 447

Security Policy Specification: Security Requirement Specification and Risk Analysis Report as input and generates a set of e-Gov security policies. The policy statements are high-level rule-based and generic in nature and thereby, does not provide any insight to system implementation or equipment configuration.

Security Infrastructure Specification: This phase analyses the Security Requirement Specification and the Security Policy Specification to generate a list of security tools that are needed to protect the assets. It also provides views on the location and purpose of the security tools.

Security Infrastructure Implementation: The organisation, in this phase, procures, deploys, and configures the selected security infrastructure at the system level.

Security Testing: In this phase, several tests are carried out to test the effectiveness of the security infrastructure, functionality of the access control mechanism, specified operational context, existence of known vulnerabilities in the infrastructure etc.

Requirement Validation: This phase analyses the extent of fulfillment of the security requirements for implementing  e-Governance organization by the corresponding security policy and the implemented security infrastructure. Change in the service goal, operational environment, and technological advancement may lead to a fresh set of security requirements and thereby, triggering a new cycle of the Security Engineering Life Cycle.

Recommendation References

  • [Backus 2001] Backus, M. , “e-Governance in Developing Countries”, International Institute of Communication & Development (IICD), Research Brief No. 1, March, 2001.
  • [Bhattacharya, 2003] Bhattacharya, J., “Middleware And Technology Standards For e-Governance”, IBM India Research Lab, Research Report, March 2003
  • [Nath, 2005] Nath, V. , Digital Governance Initiative, www.DigitalGovernance.org.
  • [PWH 2003] Information Security: A Strategic Guide for Business, ProcewaterhouseCoopers Global Technology Centre, November 2003.
  • [Sengupta, 2005] Sengupta, A., Mazumdar, C. and Barik, M.programmes., “e-Commerce security – A life cycle approach”, in Sadhana, Journal of the Indian Academy of Sciences, Bangalore, India, Vol. 30, Part 2 & 3, April/June 2005, Pages 119-140.
  • [Tapscott, 1999] Tapscott, D.  and Agnew, D. , “Governance in the Digital Economy: The Importance of Human Development” in Finance and Development, IMF, Vol. 36, No. 4, December 1999.

Comments

comments

Click to comment

Leave a Reply

Your email address will not be published.

Latest News

To Top