Information security governance for e-services in southern African developing countries e-Government projects-Reference-Cited by-同舟云学术

Information security governance for e-services in southern African developing countries e-Government projects

Published:2016-03-07 Issue:1 Volume:7 Page:26-42
ISSN:2053-4620
Container-title:Journal of Science & Technology Policy Management
language:en
Short-container-title:

Author:

Ramtohul Avinash,Soyjaudah K.M.S.

Abstract

Purpose – Highly sensitive information pertaining to citizens and government transactions is processed in an electronic format, making information security a critical part of e-Government applications and architectures. Information security measures should ideally span from authentication to authorisation and from logical/physical access control to auditing of electronic transactions and log books. The lack of such measures compromises confidentiality, integrity and availability of information. Today, most e-Government projects in developing countries in Southern Africa Developing Community (SADC) face challenges in two main areas, namely, information security and application software integration. This paper aims to discuss and analyse the information security requirements for e-Government projects and proposes an information security governance model for service-based architectures (SBAs). Design/methodology/approach – The current state of information security in emerging economies in SADC countries was researched. The main problems identified were the lack of software integration and information security governance, policy and administration. The design consists of three basic layers: information security governance defined at the strategic level of the government; information security policy/management defined at the management/operational level; and information security measures, implemented at the technical level. This section also proposes a policy for implementing public key infrastructures to protect information, transactions and e-services. A Token-Ring-based mechanism for implementing Single-Sign-On has also been developed as part of this study. Findings – The main problems identified were the lack of software integration and information security governance, policy and administration. These challenges are causing e-government projects to stagnate. Practical implications – The proposed approach for implementing information security in e-Government systems will ensure a holistic approach to ensuring confidentiality, integrity and non-repudiation, allowing e-Government maturity to progress from “interaction” to “online transaction” stage in emerging economies. Originality/value – Research has not focused on developing a solution for emerging economies which are facing difficulties in integration software applications to deploy end-to-end e-services and to produce an underlying identity management architecture and information security governance to secure the e-services developed and deployed using an SBA. The work produced in this paper is specific to SBAs in e-government environments where legacy systems already exist. The work includes: information security governance defined at the strategic level of the government; information security policy/management defined at the management/operational level; and information security measures implemented at the technical level. This section also proposes a policy for implementing public key infrastructures to protect information, transactions and e-services. A Token-Ring-based mechanism for implementing Single-Sign-On has also been developed as part of this study.

Publisher

Emerald

Reference19 articles.

1. Chetty, J. and Coetzee, M. (2010), “Information security for South Africa (ISSA)”, Towards an Information Security Framework for Service-oriented Architecture, 978-1-4244-5495-2/10, IEEE.

2. COMNET-IT (2002), Country profiles of e-Governance by The Commonwealth Network of Information Technology for Development Foundation , United Nations Educational, Scientific and Cultural Organisation, Paris, pp. 5-8.

3. Das, R.K. and Patra, M.R. (2009), ACM International Conference Proceeding Series; Vol. 322 of the 3rd International Conference on Theory and Practice of Electronic Governance, Bogota, 10-13 November, pp. 36-41.

4. Fensel, D. and C. Bussler (2009), “The web service modeling framework WSMF”, Electronic Commerce Research and Applications , Vol. 1 No. 2, pp. 113-137.

5. Gerie, S. (2010), “Security of Web services based service-oriented architectures”, Proceedings of the 33rd International Conference on MIPRO 2010, IEEE, Opatija, pp. 1250-1255.

Cited by 9 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Framework for critical information infrastructure protection in smart government: a case study in Indonesia;Information & Computer Security;2023-09-13

2. Online security in e-government as an antecedent of cost-effectiveness and quality in business operations;Information & Computer Security;2023-04-20

3. Design of government-citizen participation model for sustainable eGovernment ecosystem - Indian context;Electronic Government, an International Journal;2023

4. The disruption of blockchain in auditing – a systematic literature review and an agenda for future research;Accounting, Auditing & Accountability Journal;2021-05-24

5. Designing conceptual model and statistical validation for Government-citizen participation model in Indian context;International Journal of Information Technology;2021-01-06