Role-Based and Service-Oriented Security Management in the E-Government Environment

  • Chien-Chih Yu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5693)


This paper proposes a role-based and service-oriented security management framework suitable for the e-government operating environment. Based on user roles and functional classes of e-government services, security threats and vulnerabilities related to e-government systems and applications are identified. In the mean time, security requirements as well as appropriate mechanisms for preventing, detecting and recovering from security attacks are specified. Also provided are suggestions and guidelines for planning and controlling e-government security policies.


E-government role-based service-oriented security management 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Belanger, F., Carter, L.: Trust and Risk in e-Government Adoption. Journal of Strategic Information Systems 17(2), 165–176 (2008)CrossRefGoogle Scholar
  2. 2.
    Cansell, D., Gibson, J.P., Mery, D.: Refinement: A Constructive Approach to Formal Software Design for a Secure e-Voting Interface. Electronic Notes in Theoretical Computer Science 183, 39–55 (2007)CrossRefGoogle Scholar
  3. 3.
    Chang, E., Dillon, T.S., Hussain, F.: Trust Ontologies for e-Service Environments. International Journal of Intelligent Systems 22(5), 519–545 (2007)CrossRefGoogle Scholar
  4. 4.
    Grimsley, M., Meehan, A.: E-government Information Systems: Evaluation-led Design for Public Value and Client Trust. European Journal of Information Systems 16(2), 134–148 (2007)CrossRefGoogle Scholar
  5. 5.
    Guo, X., Lu, J.: Intelligent E-Government Services with Personalized Recommendation Techniques. International Journal of Intelligent Systems 22, 401–417 (2007)CrossRefGoogle Scholar
  6. 6.
    Jaamour, R.: Securing Web Services. Information System Security 14(4), 36–44 (2005)CrossRefGoogle Scholar
  7. 7.
    Joshi, J.B.D., Ghafoor, A., Aref, W., Spafford, E.H.: Digital Government Security Infrastructure Design Challenges. IEEE Computer 34(2), 66–72 (2001)CrossRefGoogle Scholar
  8. 8.
    Kaliontzoglou, A., Sklavos, P., Karantjias, T., Polemi, D.: A Secure e-Government Platform Architecture for Small to Medium Sized Public Organizations. Electronic Commerce Research and Applications 4(2), 174–186 (2005)CrossRefGoogle Scholar
  9. 9.
    Kesh, S., Ratnasingam, P.: A Knowledge Architecture for IT Security. Communications of the ACM 50(7), 103–108 (2007)CrossRefGoogle Scholar
  10. 10.
    Kobsa, A.: Privacy-enhanced Personalization. Communications of the ACM 30(8), 24–33 (2007)CrossRefGoogle Scholar
  11. 11.
    Ksiezopolski, B., Kotulski, Z.: Adaptable Security Mechanism for Dynamic Environments. Computers & Security 26(3), 246–255 (2007)CrossRefGoogle Scholar
  12. 12.
    Lambrinoudakis, C., Gritzalis, S., Dridi, F., Pernul, G.: Security Requirements for e-Government Services: A Methodological Approach for Developing a Common PKI-based Security Policy. Computer Communications 26(16), 1873–1883 (2003)CrossRefGoogle Scholar
  13. 13.
    Lee, S.M., Tan, X., Trimi, S.: Current Practices of Leading e-Government Countries. Communications of the ACM 48(10), 99–104 (2005)CrossRefGoogle Scholar
  14. 14.
    Lim, B.B.L., Sun, Y., Vila, J.: Incorporating WS-Security into a Web Service-based Portal. Information Management and Computer Security 12(2/3), 206–216 (2004)CrossRefGoogle Scholar
  15. 15.
    Lioudakis, G.V., et al.: A Middleware Architecture for Privacy Protection. Computer Networks 51(16), 4679–4696 (2007)CrossRefzbMATHGoogle Scholar
  16. 16.
    Pardo, T.A., Tayi, G.K.: Interorganizational Information Integration: A Key Enabler for Digital Government. Government Information Quarterly 24(4), 691–715 (2007)CrossRefGoogle Scholar
  17. 17.
    Saint-Germain, R.: Information Security Management Best Practice Based on ISO/IEC 17799. The Information Management Journal 39(4), 60–66 (2005)Google Scholar
  18. 18.
    Smith, S., Jamieson, R.: Determining Key Factors in E-Government Information System Security. Information Systems Management 23(2), 23–32 (2006)CrossRefGoogle Scholar
  19. 19.
    Stibbe, M.: E-Government Security. Infosecurity Today 2(3), 8–10 (2005)CrossRefGoogle Scholar
  20. 20.
    Swart, R.S., et al.: Dimensions of Network Security Planning for Web Services. Journal of Information Privacy and Security 1(1), 49–66 (2005)CrossRefGoogle Scholar
  21. 21.
    Tanaka, H., Matsuura, K., Sudoh, O.: Vulnerability and Information Security Investment: An Empirical Analysis of e-Local Government in Japan. Journal of Accounting and Public Policy 24(1), 37–59 (2005)CrossRefGoogle Scholar
  22. 22.
    United Nations: United Nations e-Government Survey 2008: From e-Government to Connected Governance. United Nations Publication (2008),
  23. 23.
    von Solms, B.: Information Security - A Multidimensional Discipline. Computers & Security 20, 504–508 (2001)CrossRefGoogle Scholar
  24. 24.
    Yu, C.C.: Building a Value-Centric e-Government Service Framework Based on a Business Model Perspective. In: Wimmer, M.A., Scholl, H.J., Ferro, E. (eds.) EGOV 2008. LNCS, vol. 5184, pp. 160–171. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Chien-Chih Yu
    • 1
  1. 1.Dept. of MISNational ChengChi UniversityTaipeiTaiwan

Personalised recommendations