Abstract
This paper proposes a role-based and service-oriented security management framework suitable for the e-government operating environment. Based on user roles and functional classes of e-government services, security threats and vulnerabilities related to e-government systems and applications are identified. In the mean time, security requirements as well as appropriate mechanisms for preventing, detecting and recovering from security attacks are specified. Also provided are suggestions and guidelines for planning and controlling e-government security policies.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Belanger, F., Carter, L.: Trust and Risk in e-Government Adoption. Journal of Strategic Information Systems 17(2), 165–176 (2008)
Cansell, D., Gibson, J.P., Mery, D.: Refinement: A Constructive Approach to Formal Software Design for a Secure e-Voting Interface. Electronic Notes in Theoretical Computer Science 183, 39–55 (2007)
Chang, E., Dillon, T.S., Hussain, F.: Trust Ontologies for e-Service Environments. International Journal of Intelligent Systems 22(5), 519–545 (2007)
Grimsley, M., Meehan, A.: E-government Information Systems: Evaluation-led Design for Public Value and Client Trust. European Journal of Information Systems 16(2), 134–148 (2007)
Guo, X., Lu, J.: Intelligent E-Government Services with Personalized Recommendation Techniques. International Journal of Intelligent Systems 22, 401–417 (2007)
Jaamour, R.: Securing Web Services. Information System Security 14(4), 36–44 (2005)
Joshi, J.B.D., Ghafoor, A., Aref, W., Spafford, E.H.: Digital Government Security Infrastructure Design Challenges. IEEE Computer 34(2), 66–72 (2001)
Kaliontzoglou, A., Sklavos, P., Karantjias, T., Polemi, D.: A Secure e-Government Platform Architecture for Small to Medium Sized Public Organizations. Electronic Commerce Research and Applications 4(2), 174–186 (2005)
Kesh, S., Ratnasingam, P.: A Knowledge Architecture for IT Security. Communications of the ACM 50(7), 103–108 (2007)
Kobsa, A.: Privacy-enhanced Personalization. Communications of the ACM 30(8), 24–33 (2007)
Ksiezopolski, B., Kotulski, Z.: Adaptable Security Mechanism for Dynamic Environments. Computers & Security 26(3), 246–255 (2007)
Lambrinoudakis, C., Gritzalis, S., Dridi, F., Pernul, G.: Security Requirements for e-Government Services: A Methodological Approach for Developing a Common PKI-based Security Policy. Computer Communications 26(16), 1873–1883 (2003)
Lee, S.M., Tan, X., Trimi, S.: Current Practices of Leading e-Government Countries. Communications of the ACM 48(10), 99–104 (2005)
Lim, B.B.L., Sun, Y., Vila, J.: Incorporating WS-Security into a Web Service-based Portal. Information Management and Computer Security 12(2/3), 206–216 (2004)
Lioudakis, G.V., et al.: A Middleware Architecture for Privacy Protection. Computer Networks 51(16), 4679–4696 (2007)
Pardo, T.A., Tayi, G.K.: Interorganizational Information Integration: A Key Enabler for Digital Government. Government Information Quarterly 24(4), 691–715 (2007)
Saint-Germain, R.: Information Security Management Best Practice Based on ISO/IEC 17799. The Information Management Journal 39(4), 60–66 (2005)
Smith, S., Jamieson, R.: Determining Key Factors in E-Government Information System Security. Information Systems Management 23(2), 23–32 (2006)
Stibbe, M.: E-Government Security. Infosecurity Today 2(3), 8–10 (2005)
Swart, R.S., et al.: Dimensions of Network Security Planning for Web Services. Journal of Information Privacy and Security 1(1), 49–66 (2005)
Tanaka, H., Matsuura, K., Sudoh, O.: Vulnerability and Information Security Investment: An Empirical Analysis of e-Local Government in Japan. Journal of Accounting and Public Policy 24(1), 37–59 (2005)
United Nations: United Nations e-Government Survey 2008: From e-Government to Connected Governance. United Nations Publication (2008), http://unpan1.un.org/intradoc/groups/public/documents/UN/UNPAN028607.pdf
von Solms, B.: Information Security - A Multidimensional Discipline. Computers & Security 20, 504–508 (2001)
Yu, C.C.: Building a Value-Centric e-Government Service Framework Based on a Business Model Perspective. In: Wimmer, M.A., Scholl, H.J., Ferro, E. (eds.) EGOV 2008. LNCS, vol. 5184, pp. 160–171. Springer, Heidelberg (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Yu, CC. (2009). Role-Based and Service-Oriented Security Management in the E-Government Environment. In: Wimmer, M.A., Scholl, H.J., Janssen, M., Traunmüller, R. (eds) Electronic Government. EGOV 2009. Lecture Notes in Computer Science, vol 5693. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03516-6_31
Download citation
DOI: https://doi.org/10.1007/978-3-642-03516-6_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03515-9
Online ISBN: 978-3-642-03516-6
eBook Packages: Computer ScienceComputer Science (R0)