E-Governance and Security MINI SEMINAR 30TH JUNE2013 AVCC,NOIDA

We all know about the bright future

India has taken significant steps in the area of egovernance, with almost all states across the country launching e-services in some form or the other.
* Source: india.gov.in/e-governance‎

The other side of the story

Any ICT infrastructure must be Secure because Citizen & Business transactions contain Significant Confidential Information

But who decides the Security QR’s……. Sadly….till date the approach has been mostly reactive since we have been traditional in configuring SECURITY!!!!!!!

While anti-virus and firewalls are seen more as a Reactive security mechanism,IDP solutions are more Proactive and get activated as soon as any abnormal behavior is detected.

With the information Technology(IT) Act 2000 coming into effect from October 18,2000,transactions on the internet have got legal validity in India

And ever since……..

INDUSTRY

APPLICATION

AVERAGE COST PER HOUR OF DOWN TIME(US$)

Financial

Brokerage Operations

$15,840,000/-

Financial Retail Transportation Entertainment Shipping Financial

Credit Card Sales Home Shopping TV Air Line reservations Tele-ticket sales Package Shipping ATM

$7,000,000/$750,000/$350,000/$300,000/$250,000/$200,000/-

Lets try to get familiar with the threat vectors!!!

Domains of security

False Identity

Impersonati on Failure User Fraud

Unknown Outsider Attack

Insider Attack

Threats
Breach of Anonymity

Unauth Disclosure

Access Revoked Rights DoS Theft of Access Tokens

Probe is a class
of attacks where an attacker scans a network to gather information or find known vulnerabilities

MALWARE : Malicious software
Microsoft b70

Internet Infrastructure attacks

These rare but serious attacks involve key components of the Internet infrastructure rather than specific systems on the Internet.

Denial of Service Attacks

Remote to local attack

User to Root Attack

So

What
Should we not support E-Governance?

Apex Body on Standards in DIT

State Wide Area Network (S.W.A.N.)

National E- Government Intranet

And all this along with these two Current Giants make a great Attack Surface

Cryptography
Monitoring tools

Stringent Security Policies

Analysis tools Firewalls/UT Ms

Sign up to vote on this title
UsefulNot useful