In the following, the key security challenges facing operation of cross-border eGovernment systems are described.
Network security
With eGovernment the need for security in communication networks is increasing and resilience against network attacks (access, modification, denial of service) is of pivotal importance. Threats to network security (cyber terrorism, cyber espionage, Advanced Persistent Threats, blended threats etc.) are continually changing as vulnerabilities in both established and newly introduced systems are discovered, and solutions to counter those threats are needed. Measures to ensure network security include firewalls and proxy to keep unwanted people out, antivirus software and Internet Security Software suites, anti-malware, encryption, security fencing, as well as improved computer architectures
etc.
Identification
The issue of identification raises several important questions related to our cases. In eProcurement the issue of verifying the identity of a business is important, not only for making sure that the business is who the business purports to be when making a deal, but also in the long-term. Will businesses be able to be held liable in the future by the digital signatures they’ve used when closing deals? Is there a risk that this ID-information might be lost, stolen, deleted, or become insecure, and does this also entail a risk that agreements will not be upheld because there might be doubts about the correctness of the identification of the business? With regard to biometric passports doubts have been aired as to if biometric data will be reliable and if it will be protected against criminals who would want to forge the data and biometric passports. As such the efficacy of biometric data will be a matter that will be addressed. In eHealth the problem of how patients, doctors and other health professionals will identify themselves is an issue. Will a pin code be used? Or a smart card? Which means of identification is needed to create patients’ data, modify them and get access to them and who is responsible for the correctness of a record?
Usability
Usability focuses on making applications and services easy for people to use. The issue of usability is linked to security concerns since attempts to increase data security may decrease their usability. In terms of this project, usability also addresses how data is going to be used and who is using the data. As such usability entails a strong focus on issues of trust in eGovernment invoked by the interaction among actors that control, deliver, or benefit from the service. In eProcurement, usability problems emerge from national requirements demanding company dossiers, or from eSignature schemes. In eHealth different health systems have different record holding systems, and even within these systems there might also be different record holding systems. Even more there is the problem of making the record holding systems fully digital and making sure that staff and patients know how to use a digital system.
Access control
All electronic systems that contain sensitive information will be of interest to people who might want to use this information for nefarious purposes. As a result access control to these systems is needed in order to prevent unwanted use of the information stored. Access control in general has a very wide definition, since it can be anything from your car lock to the pin code to your credit card. But the basic function is to deny unwanted access. In the area of eGovernment these means of access control will mainly be electronic or physical (walls, cards, tamper resistant devices), and the systems can be anything from databases of citizen information, health records, bank accounts and contracts to control of infrastructure such as electricity, roads and airports etc.
Feel free to contact E-SPIN for E-Government infrastructure and application security protection, security monitoring; infrastructure and application availability, performance and monitoring solution.
To know more about E-Government, please click on the link below