Preliminary security specification for New Zealand's igovt system

  • Authors: Yu-Cheng Tu; Clark Thomborson
  • Affiliations: The University of Auckland, Auckland, New Zealand; The University of Auckland, Auckland, New Zealand
  • Venue: AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
  • Year: 2009

Abstract

The New Zealand government has proposed an identity management system to provide an effective and convenient alternative for citizens to access online government information and services. The proposed system is branded as "igovt" and offers two types of authentication services. The first service provides people and businesses with logon identities. The second service provides semi-anonymised identities to government agencies. Each semi-anonymised identity carries a strictly limited amount of information about a logon identity along with an assurance that it corresponds to a living New Zealand citizen or a registered business entity. The New Zealand government has carefully designed the system with clearly articulated policy principles. It has also conducted several privacy impact assessments and public consultations. However, the New Zealand government has not published any security analyses for igovt, and we are not aware of any unpublished ones. In this paper, we propose a lightweight methodology for the elicitation of security requirements of a complex but incompletely implemented system, such as igovt. We illustrate the use of our methodology by developing preliminary security specifications for a portion of the igovt system.