Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy

Authors:
Costas Lambrinoudakis;Stefanos Gritzalis;Fredj Dridi;GüNther Pernul
Affiliations:
Department of Information and Communication Systems Engineering, University of the Aegean, Samos GR 832 00, Greece;Department of Information and Communication Systems Engineering, University of the Aegean, Samos GR 832 00, Greece;Department of Information Systems, University of Essen, Universitätsstr. 9, 45141 Essen, Germany;Department of Information Systems, University of Essen, Universitätsstr. 9, 45141 Essen, Germany
Venue:
Computer Communications
Year:
2003

Citing 7
Cited 8

Digital Government Security Infrastructure Design Challenges

Computer
Grid Services for Distributed System Integration

Computer
Implementation of e-Government Using Knowledge-Based System

DEXA '01 Proceedings of the 12th International Workshop on Database and Expert Systems Applications
Online One-Stop Government

Proceedings of the IFIP 17th World Computer Congress - TC8 Stream on Information Systems: The e-Business Challenge
Functional Requirements for a Secure Electronic Voting System

SEC '02 Proceedings of the IFIP TC11 17th International Conference on Information Security: Visions and Perspectives
Revisiting Legal and Regulatory Requirements for Secure E-Voting

SEC '02 Proceedings of the IFIP TC11 17th International Conference on Information Security: Visions and Perspectives
The Anatomy of the Grid: Enabling Scalable Virtual Organizations

International Journal of High Performance Computing Applications

A simple model and a distributed architecture for realizing one-stop e-government

Electronic Commerce Research and Applications
Towards the homogeneous access and use of PKI solutions: Design and implementation of a WS-XKMS server

Journal of Systems Architecture: the EUROMICRO Journal
Role-Based and Service-Oriented Security Management in the E-Government Environment

EGOV '09 Proceedings of the 8th International Conference on Electronic Government
Middleware non-repudiation service for the data warehouse

Annales UMCS, Informatica
Moving towards maturity: challenges to successful e-government implementation and diffusion

ACM SIGMIS Database
Secure e-Government Services: A Comparative Analysis of e-Government Maturity Models for the Developing Regions-The Need for Security Services

International Journal of Electronic Government Research
Barriers to e-Government Implementation in Jordan: The Role of Wasta

International Journal of Technology and Human Interaction
On the efficiency modelling of cryptographic protocols by means of the quality of protection modelling language (QoP-ML)

ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology

Quantified Score

Hi-index	0.24

Visualization

Abstract

The concept of one-stop on-line government is not science fiction any more. On the contrary, the high reliability and performance of communication links, combined with architectural models that facilitate transparent access to distributed computational and storage resources, propel the development of integrated e-government platforms that support increased citizen mobility. The price we have to pay is the complexity introduced in the design of the security mechanisms required for protecting several heterogeneous information systems-each one supporting some of the services offered through the e-government integrated environment-and ensuring user privacy. This paper demonstrates that the security services offered by Public Key Infrastructure (PKI) can be employed for fulfilling most of the identified security requirements for an integrated e-government platform. The list of security requirements has been compiled by adopting an organisational framework that facilitates the classification of e-government services according to the security requirements they exhibit. The proposed approach has been applied, as a case study, to the e-government system 'Webocrat', identifying its security requirements and then designing a PKI-based security architecture for fulfilling them.