Professional Documents
Culture Documents
SEMINAR
Agenda
1. What is e-governance? 2. Difference between e-governance and e-government 3. Examples of e-governance 4. Security of e-governance 5. Security standards
6. Security Architecture
7. Conclusion
8. References
What is e-governance?
When we use various modern information and communication technologies such as Internet, LAN, Mobiles etc. for government to improve the effectiveness, efficiency, service delivery, and to promote democracy then it is called egovernance. We can say e-governance is a system to improve and to support a good government through the use of information and communication technologies. Egovernment is the use of information and communication technologies (ICTs) to improve the activities of public sector organizations. E-governance is a process of delivering information to the user or client in an efficient way for benefit of both client and government.
3
A denotes Accountability,
R denotes Responsiveness and T used for Transparency.
Many countries are looking forward for a corruption free government using e-governance. E-government is one-way communication protocol whereas e-governance is two-way communication protocol. The essence of e-governance is to reach the beneficiary and ensure that the services intended to reach the desired individual has been met with.
Examples of e-governance:
1. KAVERI - Computerization of sub registrars offices in Karnataka 2. KHAJANE - Computerization of treasuries in Karnataka 3. eProcurement - Online tendering in Andhra Pradesh 4. eSeva - One stop shop for many services 5. Computerised interstate check posts in Gujarat
Security of e-governance
Implementation of e-governance has changed the way of living of the people in various countries. At present scenario we can say our most activities or needs are totally depend upon the E-governance, thats why security of e-
Security of what?
Security of What? This is a major question when we talk about E-governance security. Security is all about protecting the Information and Communication Technology (ICT) assets of an organization. The ICT assets themselves can be of a wide variety including the following: Data, Information, Knowledge Resources, Programs, Hard-ware, Networks Above we mention some ICT assets which are very important for security perspective of E-governance. This is a very important responsibility of E-governance administrators to protect these assets.
8
Sources of Threat
The sources of threat can be internal or it can be external to the government body. There are various internal sources of threat like the employees who work on the e-governance project, customers of the E-governance projects they may
Types of Threat
Threats may include unauthorized access, modification, and destruction of data. The threats may be of different types varying from time to time because technology changes frequently. The attacks on security of e-governance system can be in different forms including Defacing of web sites, Hacking, Cracking, Damage to critical database and
Security Management
The security of the e-governance system has to be managed systematically in three levels, this model is explained with the help of this figure:
USER
Identity Management:
The main purpose of this is to create unique digital identity or credential to all legal users by providing a unique user name and password, to create and manage ICT systems which ensure that the digital identities are secure.
In user level, we can use various tools to provide or enhance the security at the user level. These tools are 1. Public key infastructure
2. Digital signature 3. Symmetric key cryptography
15
17
Electronic Security:
We have various electronic security tools, and we can manage them in two categories-
1. Anti-virus System
When we discuss about digital threats the first thing in 2.Firewalls our mind is virus, which affects our ICT assets in various
Firewalls:
A system designed to prevent unauthorized access to or from a private network. A firewall is a security device that can be hard-ware or software that is mainly use for to separate a secure area from a less secure area and to control communications between the two. We have several firewall techniques such as Packet filter, Application gateway, Circuit-level gateway, Proxy server. There are
Security StandardsPersonnel Security The Security Policy information security was set by the BS standard for 7799, being its popularity it was adopted by ISO as ISO compliance 17799 Access Control and its sequel BS 7799-2 that prescribes the specification for Information Security Management. The ISO System Communication 2005, essentially 27001 standard was published in October & Development BS Operation re placing the old & 7799-2 standard. It is the specification Maintenance Management for an Information Security Management System. ISO 17799 defines 127 security controls structured under 10 major Organization of Asset headings Assets & to enable the information security manager to Classification & identify the particular safeguards that are appropriate to there Resources Control specific area of responsibility. Physical & Environmental Security Business Continuity Management
20
Security Architecture
The security architecture of E-governance is a high level document that set the security goals of e-governance project and describe the procedure that need to be followed by all the e-governance hierarchy such as users, businesses, operators etc. Appropriate legal framework is absolutely essential for the systematic and sustained growth of e-governance.
e-governance security Protection of public order & decency Providing legal status to digital transaction
21
23
Conclusion
Its security plays a major role as the publics data is flowing in the form of information across different government activities. we can know application of different security aspects of e-governance in terms of cryptography issues like user authorization and authentication, non-repudiation and integrity of government issues and many more. Different govt. activities are being automated with the progressing time but as they are mostly involving common mans information regarding their education, residences, job areas, income and expenditures, involvement in public activities etc. so their security is of major concern. A single leak in the system can deteriorate the full e-governance architecture as all the components are inter-related to one another.
24
References
[1] Prabhudatt Dwivedi and Ganesh P. Sahu Challenges of E-government Implementation in India. [2] http://www.pcrepairswansea.co.uk/virus.html. [3] www.webopedia.com/TERM/F/firewall.html. [4] An Introduction to ISO 27001 (ISO27001). [5] Satyanarayana J. e-Government the science of the possible. [6] The Information technology Act (2000) The Gazette of India. [7] ENISA, Risk management Implementation Principles and In-ventories for Risk management / Risk assessment methods and tools. ( page 8 ).
25
26