Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
ON
Submitted To:
Submitted By:
Rahul Kumar
MCA(LE) ,SEM 3rd
TCA1405041
1 | Page
Dated :
2 | Page
ACKNOWLEDGMENT.
The satisfaction that accompanies that the successful completion of any task would be
incomplete without the mention of people whose ceaseless cooperation made it possible,
whose constant guidance and encouragement crown all efforts with success.
We are grateful to our project guide Mr.Ajay Rastogi for the guidance, inspiration and
constructive suggestions that helpful us in the preparation of this project. We also thank our
colleagues who have helped in successful completion of the project.
Rahul kumar
MCA[LE]
SEM 3rd
3 | Page
Table of Content
1.INTRODUCTION
1.1 Cyber security
1.2 E Governance
2.CONCEPT
2.1 E-GOVERNANCE CONCEPT
2.2 EVOLUTION OF E-GOVERNANCE
2.3 CYBER SECURITY CONCEPT IN E GOVERNANCE
3. APPLICATIONS OF E-GOV
3.1 Real life application of e-Governance
3.2 Application and E-Governance Services
5. CONCLUSION
6. REFERENCE
4 | Page
5 | Page
vital role in the success of security programs. Even if all these people had motivation and
interest to behave securely, they would individually not know how to collectively act to
prevent, detect, and recover from harm without preplanned process. So security professionals
are expected to weave security programs into existing organizational processes and make
strategic use of technology in support of cyber security goals.
Confidentiality, integrity, and availability addresses the security objectives that are
specific to information. Confidentiality refers to a systems capability to limit dissemination
of information to authorized use. Integrity refers to ability to maintain the authenticity,
accuracy, and provenance of recorded and reported information. Availability refers to the
timely delivery of functional capability. These information security goals applied to
information even before they were on computers, but the advent of cyberspace has changed
the methods by which the goals are achieved, as well as the relative difficulty of goal
achievement. Technologies to support confidentiality, integrity, and availability are often at
odds with each other. For example, efforts to achieve a high level of availability for
information in cyberspace often make it harder to maintain information confidentiality.
Sorting out just what confidentiality, integrity, and availability means for each type of
information in a given system is the specialty of the cyber security professional. Cyber
security refers in general to methods of using people, process, and technology to prevent,
detect, and recover from damage to confidentiality, integrity, and availability of information
in cyberspace.
1.2 E-GOVERNANCE
"E-Governance" or "eGov" means using electronic media, particularly the web, to deliver
public information and public services
eGovernance applications empower citizens and businesses to transact Governance business
on-line that might otherwise require "a trip downtown". Agencies benefit, too, from
reduced paperwork, improved databases, and increased efficiency.
8 | Page
There are four pillars of E-Governance:1. CONNECTIVITY:-Connectivity is required to connect the people to the services of the
Governance. There should be a strong connectivity for an effective e-governance.
2. KNOWLEDGE: - Here knowledge refers to IT knowledge. Governance should employ
skill full engineers who can handle the e-governance in an efficient way. These engineers also
handle all kind of fault that may occur during the working of e-governance.
3. DATA CONTENT: - To share any kind of knowledge or information over the internet,
there should be its database. This database should have the data content which is related to
Governance services.
4. CAPITAL:-Capital can be on public or private partnership. It refers to money used by
Governance to provide their services or to that sector of the economy based on its operation
9 | Page
10 | P a g e
2.Concepts
2.1 E-Governance concept
The concept of an e-Governance system is to provide access to Governance services
anywhere at any time over open networks. This leads to issues of security and privacy in the
management of the information systems. Managing such issues in the public sector has
different emphases than in the private sector. The broader e-Governance approach is sociotechnical by nature, involving people and processes as well as technologies; hence,
particularly in transitional countries, the social culture and characteristics of the country are
factors in successful e-Governance development. In the open literature there are four distinct
aspects to e-Governance. The remainder of this section gives an overview of this literature.
11 | P a g e
importance since it can influence Governances and users willingness to adopt the online
services offered. The European Parliament, via the Science and Technology Options and
Assessment has asked The European Technology Assessment Group (ETAG), which includes
3. Application
3.1 REAL LIFE APPLICATION OF e-Governance
Online interactive maps shows city streets and neighborhoods, including ball fields, tennis
courts, and other parks & recreation facilities. Coaches, players, leagues, schools and
individuals can visit the departmental web site from home or office, at any hour, weekends &
weekdays. Users of the online system can locate facilities by name, neighborhood or street
address. They can query the database to find available fields, courts, etc. for specific times
and dates.
The interactive map can color-code facilities, based on availability, simplifying the process of finding
an available facility that is also nearby. Interactive maps are easily printed directly from the eGov
web site. Advanced systems can accept reservations online, and collect appropriate fees paid via
credit card.
14 | P a g e
E Gov Examples
Public services and community statistics: Increase citizen participation and awareness
by making it easy to obtain up-to-date maps and reports of services, facilities, and
statistics.
Health conditions and epidemiology system: The U. S. Center for Disease Control
helps prevent disease and accidents by presenting incidence, mortality, and other
statistics using this interactive web map system
Polling place locator system: Encourage voting by mapping current polling places
based on voter address.
School bus route finder system: Improve customer service by letting parents find the
nearest school bus route.
Tax rate locator: Improve tax return accuracy and increase tax collections by letting
business map their locations vis a vis boundaries of Local Improvement districts and
other special assessment zones
.
Community services locator: Improve public access to existing services by mapping
locations of elderly services, community health clinics, "little city halls", and
community police offices
.
Assisted housing locator: Help families and elderly choose subsidized housing units
by mapping available units & showing proximity to transit and other facilities.
The E-Payment provides the capability for any e-commerce website to accept electronic
payment methods. This service allows any web application to enable its customers to make
payments online. Features include:
Fig.6 E-Payment
Enterprise Authorization & Authentication
Enterprise A&A is the State of Iowa's shared logon service. It handles user registration,
account management (like changing and recovering passwords) and simple privilege
management functions.
The service lets users enjoy having just one account to give them access to multiple
applications and a consistent way to manage that account. Implementing a common account
resource makes it less expensive and easier to offer multiple services and applications to
citizens and employees alike. Features include:
17 | P a g e
expedited the process of checking backgrounds of employees and volunteers as often required
by regulations and policies.
eLeave
eLeave Service allows employees and supervisors to input and review leave requests
while using the internet. As long as the internet is available, a person can input leave
requests and review requests. This provides an easy way for supervisors to quickly see
who has requested leave as well as those who have worked overtime. They can also
approve or deny a request. This provides a quick feedback to the person requesting the
leave. The following items are available:
View a calendar with the leave requests of your department. This allows each person
to view who has requested leave. It does not provide the details of the leave requests.
19 | P a g e
Address Validation
Address Validation is the verification of address information. The service uses a database
supplied by the United States Postal Service (USPS) to determine if an address is a
deliverable address. The service will also return the address in the standardized USPS format.
The service can be accessed either by providing a file which will be run as a batch process or
by submitting addresses one at a time to our web service. In addition to the return of the
address itself, we can also provide additional information such as county number, county
name, geo code and congressional district. An additional item that is offered is the National
Change of Address. If you provide 100 or more unique addresses, we can process the files
through the National Change of Address (NCOA) data to determine if the person, family or
business has moved. If the move is within the last 18 months, we can return the new address.
We can also provide information detailing if the move is for an individual, a family or a
business. There are many advantages to address verification:
Addresses in a database can be searched more effectively as they are in the same
format. The spellings of streets and cities are the same throughout the database.
Postal discounts can be obtained when the addresses are standardized and processed
through the NCOA. Agencies can see a decrease of as much as 10 cents per item
mailed.
Service-Oriented Architecture (SOA)
Service-Oriented Architecture (SOA) is a Utility that provides the service oriented
infrastructure for use by state agencies. SOA has been adopted as a standard for software
development, to drive reuse among agencies and foster greater sharing of information. An
SOA Advisory Committee was created by the Technology Governance Board to develop
standards for IT-related initiatives within the Board's purview. The Committee is led by DASITE with volunteer members from State agencies and oversight by the JCIO (joint council of
large-agency CIOs).
20 | P a g e
21 | P a g e
Policy Makers and Strategists define how a company deals with different security risks and
meets its legal obligations and gets these policies implemented. Private sector has CISOs
(Chief Information Security Officers) often supported by a team. Governance has ITSOs (IT
security officers) and DSOs (Departmental security officers).
OPERATIONS & SECURITY MANAGEMENT
Operations and Security Managers protect data on networks, laptops and mobile devices, they
may manage encryption and other protective measures like firewall rules.
ENGINEERING, ARCHITECTURE & DESIGN
Engineering, Architecture and Design Designing secure code and applications; architecting a
secure system or creating new security tools are all essential parts of cyber security but
nothing stays still so you will need to keep changing fast.
EDUCATION, TRAINING AND AWARENESS
Education Training and Awareness are demanding whether the job is about training
newcomers, keeping experts up to date or enabling staff or customers to benefit fully from
technology they are using.
RESEARCH
Research may be highly technical or more policy or psychology orientated. Areas include
Complex models to help understand and manage risks. invention of new technologies or new
ways to apply them to reduce risks; looking for the next big thing.
LAWYERS SPECIALISING IN ADVICE AND PROSECUTION FOR INTERNET
CRIME AND DATA PROTECTION
Lawyers specializing in the advice and prosecution of data security and Internet crime. The
need for expert advice is growing with high levels of crime and penalties for organizations
that dont protect data sufficient
Threat analysis, intrusion and data analysis, intelligence and counter intelligence;
22 | P a g e
Forensics investigation;
Programming;
Technical writing;
defined policies and procedures, the use of robust tools, and constant vigilance. It is helpful to
begin a security improvement program by determining the current state of security at the site.
Methods for making this determination in a reliable way are becoming available. Integral to a
security program [5] are documented policies and procedures, and technology that support
their implementation.
A. Security policy
If it is important to be secure, then it is important to be sure. All of the security policy is
enforced by mechanisms that are strong enough. There are organized methodologies and risk
assessment strategies to assure completeness of security policies and assure that they are
completely enforced. In complex systems, such as information systems, policies can be
decomposed into sub-policies to facilitate the allocation of security mechanisms to enforce
sub-policies. A policy is a documented high-level plan for organization-wide computer and
information security. It provides a framework for making specific decisions, such as which
defense mechanisms to use and how to configure services, and is the basis for developing
secure programming guidelines and procedures for users and system administrators to follow.
Because a security policy is a long-term document, the contents avoid technology-specific
issues.
Definition of acceptable use for users
Guidelines for reacting to a site compromise.
High-level description of die technical environment of the site, the legal environment
(governing laws), the authority of the policy, and the basic philosophy to be used when
interpreting the policy
Risk analysis that identifies the site's assets, the threats that exist against those assets, and
the costsof asset loss
Guidelines for system administrators on how to manage systems
24 | P a g e
25 | P a g e
26 | P a g e
CONCLUSION
It is evident from above discussion that information security in an essential part of any egovernance initiative.
In Indian e-governance scenario, however, the security aspects are not being taken as
seriously. In large number of cases it is not difficult to see that the decision-makers in the
Governance prefer to compromise when it comes to high end technology adoption,
implementation and maintenance. Digital security is critical in e-governance initiatives.
Confidentiality of any transaction or information available on the network is crucial. The
Governance document and other important material have to be protected from unauthorized
users in case of e-governance projects. Hence security is critical for successful
implementation of such projects. E-governance coupled with security systems providing
adequate protection is the requirement of any system design effort to beat the inertia.
27 | P a g e
REFERENCES
[1]E-Governance in India: Opportunities and challenges, JOAAG, Vol.
3. No. 2, 2008.
[2]Shailendra Singh, Sanjay Silakari. A Survey of Cyber Attack
Detection Systems, International Journal of Computer Science and
Network Security, ISSN-1738-7906, Vol.9 No.5, pp1-10 May 2009.
[3]A busive behavior http://www.us-rt.gov/control_systems/pdf/undirEcted_attack0905.pdf
[4]DefiningMalware:FAQ".technet.microsoft.com.http://technet.micros
oft.com/en-us/library/dd632948.aspx. Retrieved 2009-09-10.
[5]Cho, Dong-ki. The information society and privacy, media and
culture in the information age, Seoul, 1998.
[6]Clarkke, R. A hidden challenge to the regulation of data surveillance,
Jounrnal of Law and Information Science 4(2), 1993
[7]Steven H. Spewak& Steven C. Hill, Enterprise Architecture
Planning: Developing a Blueprint for Data, Application and
Technology, John Wiley & Sons, New York, ISBN 0-471-599859
28 | P a g e