ABSTRACT
In order to support secure information sharing and interoperability of e-government systems, Public Information Sharing Center (PISC) in Korea adopted SecureGov framework that consists of multiple security mechanisms: access control scheme called Enterprise Digital Right Management (E-DRM) to prevent illegal use and leakage, a forgery prevention technology using a 2-D barcode to prevent illegal modification of the data, and PKI scheme to ensure the authenticity of the user and delivered data. These security mechanisms had been sufficient to ensure secure exchange of information between two organizations, preventing illegal modification, edits, or transfers of sensitive data to a third parties for unintended purposes in the age of wired PC based computing environment.
However, with a wide spread use of mobile devices and micro devices, including smart phones and wearable devices, additional security mechanisms are required to prevent the insider attacks, such as a leakage of highly sensitive and confidential documents or conversations by taking secretive photos or illegal recordings. In this paper, we present the Smart SecureGov framework that focuses on the tracking technologies in case of smart device-based leakage occurs. The security mechanisms, such as a text watermarking technology, image or audio watermarking technologies, are proposed to detect the authenticity of the leaked document or media and to trace back to the origin of leaks. The Smart SecureGov framework is an evolution to counter against the new risks and threats posed by mobile and smart digital media technologies.
- Arnab, Alapan, and Andrew Hutchison, Requirement Analysis of Enterprise DRM Systems, Proceedings Information Security South Africa, (Hotel Balalaika Sandton, Johannesburg, 2005).Google Scholar
- Bajaj, A., Ram, S. IAIS: A Methodology to Enable Inter-Agency Information Sharing in eGovernment, Journal of Database Management, 14, 4, 2003, pp.59--80.Google ScholarCross Ref
- Casey, T., Harbitter, A., Leary, M., and Martin, I., Secure Information Sharing for the US Government, White Papers, Nortel Technical Journal (2008).Google Scholar
- Chongthammakun, R., and Jackson, S. J. Boundary Objects, Agents, and Organizations: Lessons from E-Document Systems Development in Thailand, Proceedings of 2012 45th Hawaii International Conference on Systems Sciences, (Hawaii, 2012). Google ScholarDigital Library
- Elisabeth, H. How enterprise DRM works: Everything you need to know about information rights management, Computer World, 27 April 10, (2010).Google Scholar
- Fokoue A., Srivatsa, M., Rohatgi, P., Wrobel, P., and Yesberg, J., "A Decision Support System for Secure Information Sharing", Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, (2009), 105--114. Google ScholarDigital Library
- Headayetullah, M., and Pradhan, G. K. Interoperability, Trust based Information Sharing Protocol and Security: Digital Government Key Issue, International Journal of Computer Science and Information Technology, Vol 2 (3) June 2010.Google ScholarCross Ref
- Jang YH, Jungwook Moon, Sam Youl Lee, MyungJae Moon, and TaeJoon Na, (2005) Analysis of structural and Practical Factors, related to Information Planning at Public Service, research report, Research Institute of IT and Communication Policy, June 02 2005.Google Scholar
- Kido, H. e-Government for Management, Interface, Accountability, and Transparency: Reform of Public Management through ICT", Proceedings of Korea Association of Public Administration, (Seoul, October 18--19, 2002).Google Scholar
- Kim, S. W. (2009), "A Study on the Public Administrative Information Sharing Scheme for Sustainable Evolution of e-Government", Industry and Management, Chung-book University, 21, 2, 2009, 59--79.Google Scholar
- Legner, C., and Lebreton, B., 2007, Business Interoperability Research: Present Achievements and Upcoming Challenges, Electronic Markets, Vol.17, No.3., pp.176--186. Google ScholarDigital Library
- Liu, P., and Cheta, A., Trust-based Secure Information Sharing Between Federal Government Agencies, Journal of the American Society for Information Science and Technologies, 46, 3 (2005), 283--298. Google ScholarDigital Library
- Makedon, F., Sudborough, C., Baiter, B. B., Pantzion, G., and Conalis-Kontos, M., 2003, A Safe Information Sharing Framework for e-Government Communications, IT white paper from Boston University, (2003).Google Scholar
- Otjacques, B., Hitzelberger, P., and Feltz, F. 2007, Interoperability of e-government information systems: Issues of Identification and Data Sharing, Journal of Management Information Systems, Vol.23, No.4, pp.29--51. Google ScholarDigital Library
- Pardo, T. A., Gil-Garcis, J. R., and Burke, G. B. Building Response Capacity through Cross-boundary Information Sharing: The Critical Role of Trust, Proceedings of E-Challenges Conference, (Barcelona, Spain, 2006).Google Scholar
- Sandhu, R., Ranganathan, K., and Zhang, X., Secure Information Sharing enabled by Trusted Computing and PEI models, Proceedings of the ACM Symposium on Information, Computer, and Communication Security, (2006), pp.2--12. Google ScholarDigital Library
- Headayetullah, M., and Pradhan, G. K. "Efficient and Secure Information Sharing For Security Personnels: A Role and Cooperation Based Approach", International Journal on Computer Science and Engineering, Vol. 02, No. 03, 2010.Google Scholar
- NIST.gov --- Computer Security Division --- Computer Security Resource Center". Csrc.nist.gov. Retrieved 2010-08-09.Google Scholar
- MOPAS: Ministry of Public Administration and Security, http://www.mopas.go.kr/gpms/ns/mogaha/user/nolayout/main/english/userEngMainDisplay.action, Accessed Feb 2013.Google Scholar
- Public Information Sharing Center, news article (in Korean) http://www.dt.co.kr/contents.html?article_no=2006050102012060650002, May 6, 2006Google Scholar
- PISC Major Achievements and Results https://www.pisc.go.kr/fa/fa010/introduction/center_result.jspGoogle Scholar
- Shafiq, B., J. Vaidya, V. Atluri and S. Chun, Information Sharing among Incident Management Systems using UICDS, Proceedings of the 11th International conference on Digital Government Research (2010) pp 23--31 Google ScholarDigital Library
- Memorandom on Informing Consumers through Smart Disclosure http://www.whitehouse.gov/sites/default/files/omb/inforeg/for-agencies/informing-consumers-through-smart-disclosure.pdfGoogle Scholar
- Jong Uk Choi, S. Chun, Dong Hwa Kim and A. Keromytis, SecureGov: Secure Data Sharing for Government Services Proceedings of the 14th International Conference of Digital Government Research, Quebec City, Canada, June 17--20, 2013: pp 127--135 Google ScholarDigital Library
- Hsieh, K-H, Chen, X-F., and Pan Z-A., "Digital Watermarking System according to Background Image Pixel Brightness Value, and Digital Watermarking Method," US Patent, US 7,796,778, 2010.Google Scholar
- Yang, B., Shi, W., Qi, W., Cheng, S., and Wang, L., "Methods and Apparatus for Embedding and Detecting Digital Watermarks in a Text Document", US Patent, US 8,107,129, Jan 2012.Google Scholar
- Pasqua, J., "Document Watermarking Method using line Margin Shifting", US Patent, US 2002/0118860, Aug. 2002.Google Scholar
- Alattar, A. M., and Alattar, O. M., "Watermarking Electonic Text Documents', US Patent, US 8,014,557, Sept 2011.Google Scholar
- Devidas, P. B., and Namdeo, P. N., "Text Watermarking Algorithm using Structural Approach," 2012 World Congress on Information and Communication Technologies (WICT), Trivandrum, Oct. 30 2012--Nov. 2 2012, pp. 629--633.Google Scholar
- Jalil, Z., and Mirza, A. M., "A Review of Digital Watermarking Techniques for Text Documents", Proceedings of 2009 International Conference on Information and Multimedia Technology, Jeju Island, South Korea, December 16--December 18, 2009. Google ScholarDigital Library
- Huang, D., and Yan, H., "Interword Distance Chnages Represented by Sine Waves for Watermarking Text Images," IEEE Transactions on Circuit and Systems for Video Technology, Vol. 11. No. 12, Dec 2001. Google ScholarDigital Library
- Micic, A., Radenkovic, D., and Nikolic, S., "Authentication of Text Documents Using Digital Watermarking", Proceedings of TELSIKS 2005, Seria and Montenegro, Sep.t 28--30, 2005.Google Scholar
- Mancini, F., S. Gejibo, K. A. Mughal, R. A. B. Valvik, J. Klungsoyr, "Secure Mobile Data Collection Systems for Low-Budget Settings," 2012 Seventh International Conference on Availability, Reliability and Security, pp. 196--205, 2012. Google ScholarDigital Library
- Veerubhotla, R. S.; Saxena, A., "A DRM framework towards preventing digital piracy," Information Assurance and Security (IAS), 2011 7th International Conference on, vol., no., pp.1,6, 5--8 Dec. 2011.Google Scholar
- Hartung, F.; Ramme, F., "Digital rights management and watermarking of multimedia content for m-commerce applications," Communications Magazine, IEEE, vol.38, no.11, pp.78,84, Nov 2000 Google ScholarDigital Library
- Mansfield, K.; Eveleigh, T.; Holzer, T. H.; Sarkani, S., "Unmanned aerial vehicle smart device ground control station cyber security threat model," Technologies for Homeland Security (HST), 2013 IEEE International Conference on, vol., no., pp.722,728, 12--14 Nov. 2013Google Scholar
- Guo, C., Wang, H. J., Zhu, W., Smart-Phone Attacks and Defenses, HotNets III, November, 2004.Google Scholar
- Brian Tokuyoshi, The security implications of BYOD, Network Security Volume 2013, Issue 4, 2013:12--13Google ScholarCross Ref
- Frank Konkel, NSA talking Snowden, insider threats, http://fcw.com/articles/2013/12/17/nsa-41-steps.aspx, Dec 17, 2013Google Scholar
- Jon Oltsik, 2013 Vormetric/ESG Insider Threats Survey, The Enterprise Strategy Group, Inc., 2013. http://www.vormetric.com/sites/default/files/ap_Vormetric-Insider_Threat_ESG_Research_Brief.pdfGoogle Scholar
- Shaun Waterman, NSA leaker Ed Snowden used banned thumb-drive, exceeded access, The Washington Time, June 2013.Google Scholar
- Bhargava, B., R. Ranchal and L. Othmane, Secure Information Sharing in Digital Supply Chains, IEEE 3rd International Advance Computing Conference (IACC), 2013: 1636--1640Google Scholar
- Wang, S-G, and Fan Z, "Embedding Variable Watermark Information in Halftone Screens, US Patent, US 7,436,977, Oct. 2008Google Scholar
Index Terms
- Smart SecureGov: mobile government security framework
Recommendations
SecureGov: secure data sharing for government services
dg.o '13: Proceedings of the 14th Annual International Conference on Digital Government ResearchOpen Government initiative allows government data available digitally to share and integrate to produce value added information products and citizen services. This "paperless" government facilitates the transparency of government and fosters ...
Smart governance for smart industries
ICEGOV '13: Proceedings of the 7th International Conference on Theory and Practice of Electronic GovernanceIn this paper, we present a vision of smartness as an environment in which humans and devices, visible and unseen, provide a wide range of e-services trying to make a person's life easier, more comfortable and more efficient. Economic and privacy issues ...
A Preliminary Cyber Ontology for Insider Threats in the Financial Sector
MIST '15: Proceedings of the 7th ACM CCS International Workshop on Managing Insider Security ThreatsInsider attack has become a major threat in financial sector and is a very serious and pervasive security problem. Currently, there is no insider threat ontology in this domain and such an ontology is critical to developing countermeasures against ...
Comments