Published by Austen Harrington. Modified over 9 years ago.
1
Security Issues on E-Government
Presented by Pranita Upadhyaya, PhD Student, KU
2
Presentation Overview
–E-Government & its applications
–Information Security
–Security concerns in E-government
–Nepal’s scenario
–M-government security
3
Traditional Government Structure: Characteristics
–TOP DOWN
–NO or LIMITED LATERAL CONNECTIVITY
–LIMITED COLLABORATION
–INFORMATION FLOW PREDOMINANTLY VERTICAL
–CUSTOMER HAS NO PLACE: WHY?
–RULES BOUND
–CULTURE: AUTHORITARIAN
4
Traditional Government Mandate ENACTING & IMPLEMENTING LAWS TAX COLLECTION SECURITY LAW AND ORDER MAINTENANCE NATIONAL DEFENCE
5
Present Day: Government Mandate
Besides those mentioned above:
–Poverty Eradication
–Social Development
–Enhancing balanced Economic Development
–Promote Transparency, Accountability and Democracy
–Better Service to public, efficient and cost effective
6
Definition: E-Government
The use of digital technologies to transform government operations in order to improve effectiveness, efficiency, and service delivery.
7
Understanding E-Government
–e-Government is not about one-time service delivery but about a life-long association!
–e-Government is not about isolated government but about partnering with citizens and business!
–e-Government is not about government centricity but about stakeholder-centric government!
8
Advantages
–To increase internal efficiency
–To create new services
–Easy access to information
–To participate in global information networks
–Information sharing among institutions
–Online access to public services
–Individual efficiency
–High performance in teamwork
–Transparent
9
Examples of e-Services – G2C Birth Certificate Health Care School Admission Scholarships e-Learning Examination Results Employment Services Vehicle Registration Driver’s License Passport/Visa Agriculture Land Record Property Registration Marriage Certificates Taxes Utility Services Municipality Services Pensions Insurance Health Care Death Certificate
10
Examples of e-Services – G2B
[Diagram. Labels: Explore Opportunities, Start-up, Operate, Expand, Close; Approvals, Permissions, Registrations, Returns, Taxes, Permits, Compliance, Project Profiles, Infrastructure, State Support]
11
Disadvantages
–Difficult access for people with disabilities.
–Overloaded information.
–Ambiguity in the cases of confidentiality, copyrights and protection of public information.
–Gaps resulting from unequal availability of opportunities.
12
What is Information Security?
Information security, sometimes shortened to InfoSec, is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction.
13
Building blocks of secure system
1. Authentication - to prove one’s identity
2. Privacy/confidentiality - to ensure that no one can read except the intended receiver
3. Integrity - the message received by the receiver is not altered
4. Non-repudiation - to prove that the sender has really sent the message
5. Availability - system still functions efficiently after some security violations
No single measure can ensure complete security
14
Various security measures taken so far……
15
Symmetric and public key cryptosystems
–Symmetric-key cryptosystem: same key is used for encryption and decryption
–Public-key cryptosystem: separate keys for encryption and decryption
16
Public-key encryption: confidentiality
Alice wants to send message M to Bob
  –uses Bob’s public key to encrypt M
Bob uses his private key to decrypt M
  –only Bob has key
  –no one else can decipher M
Identification provided by public key encryption
But … anyone can send message to Bob using his public key
  –how are we sure the message came from Alice?
17
Digital signatures
Electronic equivalent of handwritten signatures
Handwritten signatures are hard to forge
Electronic information is easy to duplicate
Digital signatures using public key encryption
  –Idea: Bob uses his private key to “sign” a message
  –Alice verifies signature using Bob’s public key
Data authentication provided by digital signatures
18
Signed challenges
User authentication provided by signed challenges
  –Are Alice and Bob real or fraudulent?
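The signed-challenge exchange from slides 17 and 18, written out as an added example (not part of the original slides). It assumes Ed25519 as the signature scheme, which the slides do not name; `Verifier`, `Respond`, `Demo` and the `prefix` value are hypothetical names chosen for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

const prefix = "login-challenge-v1:" // domain separation tag (assumed value)

// Verifier is Alice: she trusts Bob's public key and tracks open challenges.
type Verifier struct {
	peer    ed25519.PublicKey
	pending map[string]bool
}

// Challenge issues a fresh, unpredictable 32-byte nonce.
func (v *Verifier) Challenge() []byte {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // no secure randomness: do not continue
	}
	v.pending[string(nonce)] = true
	return nonce
}

// Respond is Bob: only the holder of the private key can produce this value.
func Respond(priv ed25519.PrivateKey, nonce []byte) []byte {
	return ed25519.Sign(priv, append([]byte(prefix), nonce...))
}

// Check verifies the signature; a nonce is consumed on first use (no replay).
func (v *Verifier) Check(nonce, sig []byte) bool {
	ok := v.pending[string(nonce)] && ed25519.Verify(v.peer, append([]byte(prefix), nonce...), sig)
	delete(v.pending, string(nonce))
	return ok
}

// Demo returns the result for the real Bob, a replay, and an impostor's key.
func Demo() (genuine, replayed, impostor bool) {
	bobPub, bobPriv, _ := ed25519.GenerateKey(rand.Reader)
	_, fakePriv, _ := ed25519.GenerateKey(rand.Reader)
	alice := &Verifier{peer: bobPub, pending: map[string]bool{}}
	n1, n2 := alice.Challenge(), alice.Challenge()
	sig := Respond(bobPriv, n1)
	return alice.Check(n1, sig), alice.Check(n1, sig), alice.Check(n2, Respond(fakePriv, n2))
}

func main() { fmt.Println(Demo()) }
```

The fresh nonce is what turns a data-authentication primitive into user authentication: a signature captured from an earlier session does not answer a new challenge.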
19
Certification authority
–A third party trusted by all users that creates, distributes, revokes, & manages certificates
–Certificates bind users to their public keys
–Integrity is provided by the certification authority
20
Problem still remains……. Problems of …. attack on availability: disruption or denial of services
21
Solution
–One cannot rely on fault avoidance alone
–Need to move ahead towards fault tolerance
–Must cater to the dynamic behavior of the intrusion
22
Security Assessment & countermeasures
Proper planning, a security program & techniques are essential to cater to threats
  –For this, one needs to:
      Classify the type of service based on ISMM
      Perform continuous monitoring using Security Readiness assessment
      Follow multiple screening mechanisms ………
23
Screening Mechanisms
–Prevention
–Detection
–Mitigation
–Response
24
Prevention
Establishment of policy and access control
  –who: identification, authentication, authorization
  –what: granted on “need-to-know” basis
Implementation of hardware, software, and services
  –users cannot override, unalterable (attackers cannot defeat security mechanisms by changing them)
  –examples of preventative mechanisms
      passwords - prevent unauthorized system access
      firewalls - prevent unauthorized network access
      encryption - prevents breaches of confidentiality
      physical security devices - prevent theft
Maintenance
25
Prevention is not enough!
Bruce Schneier, Counterpane Internet Security, Inc.:
Prevention systems are never perfect. No bank ever says: "Our safe is so good, we don't need an alarm system." No museum ever says: "Our door and window locks are so good, we don't need night watchmen." Detection and response are how we get security in the real world, and they're the only way we can possibly get security in the cyberspace world.
26
Detection
Determine that either an attack is underway or has occurred and report it
Real-time monitoring
Intrusion verification and notification
  –intrusion detection systems (IDS)
  –typical detection systems monitor various aspects of the system, looking for actions or information indicating an attack
      example: denial of access to a system when user repeatedly enters incorrect password
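The slide's detection example (denying access after repeated incorrect passwords), as an added sketch that is not part of the original slides. The log format, the sample lines and the policy values (`maxFails`, `lockFor`) are assumptions constructed for illustration.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// Constructed sample log, one attempt per line: "<RFC3339 time> <user> <ok|fail>".
const sampleLog = `2024-05-01T09:00:00Z alice fail
2024-05-01T09:00:05Z alice fail
2024-05-01T09:00:09Z bob fail
2024-05-01T09:00:12Z alice fail
2024-05-01T09:00:20Z alice ok
2024-05-01T09:01:00Z bob ok`

// Assumed policy: 3 consecutive failures lock the account for 15 minutes.
const maxFails, lockFor = 3, 15 * time.Minute

// Detect replays the log and reports each lockout and each attempt it denies.
func Detect(log string) []string {
	fails, lockedUntil := map[string]int{}, map[string]time.Time{}
	var out []string
	for _, line := range strings.Split(log, "\n") {
		f := strings.Fields(line)
		if len(f) != 3 {
			continue // malformed line
		}
		ts, err := time.Parse(time.RFC3339, f[0])
		if err != nil {
			continue // unparseable timestamp
		}
		user := f[1]
		switch {
		case ts.Before(lockedUntil[user]): // locked: deny even a correct password
			out = append(out, user+" denied-while-locked")
		case f[2] == "ok":
			fails[user] = 0 // a successful login resets the counter
		default:
			if fails[user]++; fails[user] >= maxFails {
				lockedUntil[user] = ts.Add(lockFor)
				fails[user] = 0
				out = append(out, user+" locked")
			}
		}
	}
	return out
}

func main() { fmt.Println(strings.Join(Detect(sampleLog), "\n")) }
```

The lock is time-limited rather than permanent so that the detection mechanism itself does not become a lasting loss of availability for the legitimate user.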
27
Mitigation
If detection is not possible, reduce the level of security risk
Accomplished by decreasing the threat level
Best strategy is a combination of all three elements:
  –decreasing threats by eliminating or intercepting the adversary before attack
  –blocking opportunities through enhanced security
  –reducing consequences if an attack occurs
28
Response
If all of the above are not possible
Stop/increase availability of an attack
  –must be timely!
      incident response plan developed in advance
Assess and repair any damage
Resumption of correct operation
Evidence collection and preservation
  –very important
      identifies vulnerabilities
      strengthens future security measures
29
Survey report on E-Government: Nepal’s Scenario
Major threat - DDoS attack
  –Not only in Nepal but worldwide….
  –Here, increasing system availability is the major concern
30
Defense Mechanisms
What should be the optimal architecture for Nepal?
Follow a Security Architecture which consists of all the following building blocks
  –Prevention
  –Detection
  –Mitigation
  –Response (stop/increase availability)
  –Increase cost effectiveness through WOG approach
31
Research focus….
–Development of WOG architecture and its analysis using the SHARPE tool
–Markov chain chosen to cater to the dynamic behavior of the intruder
–In WOG system - Security sub system architecture made highly available
32
M-Government Security Similar modality could as well be implemented in M-government Further research in this regard is needed
33
Thank You for your attention