1
Security Issues in E-Government
A presentation for K778, Li Zhao, October 3, 2006
2
AGENDA
  • Introduction
  • E-Government Services Assets
  • Threats to E-Government
  • Security Requirements
  • Technological Solutions
  • Case
  • Conclusion

3
Introduction
  • Definition of E-Government
  • "E-Government" refers to the use by government agencies of information technologies (such as Wide Area Networks, the Internet, and mobile computing) that have the ability to transform relations with citizens, businesses, and other arms of government.
  • (Source: The World Bank)
4
Categories of E-Government
  • E-Services
  • E-Management
  • E-Democracy
  • E-Policy
  • (Gil-Garcia and Luna-Reyes, 2003)
5
E-Services
  • E-Services applications are those relating to the delivery of information or services to the citizen.
  • (Zweers and Planque, 2001)
6
E-Management
  • E-Management applications include those related to the improvement of government internal operations, inside a single instance of government or across agencies.
  • (Grönlund, 2001)
7
E-Democracy
  • E-Democracy is mostly associated with electronic voting, but it is also associated with citizen participation in the process of policy making, and with promoting and preserving democratic values.
  • (Fountain, 2003)
8
E-Policy
  • E-Policy is related to the design of public policies that facilitate and promote the development of the information society.
9
E-Government Services Assets
  • Personal data
  • Corporate information
  • E-Government service
  • Authentication credentials
  • Objects (representing monetary or other value)
10
E-Government Services Assets (I)
  • The personal data relating to a client of any E-Government service must be protected against loss, damage, or unwarranted disclosure, in line with the relevant data protection and privacy legislation.
  • The corporate information base of government in general, and of the organizations offering E-Government services, must be protected against loss, unwarranted disclosure, or the introduction of erroneous content.
11
E-Government Services Assets (II)
  • The E-Government service (comprising the applications and delivery platforms) must be protected against threats to its availability and to the integrity of the service offered.
  • Authentication credentials must be protected against forgery or unwarranted use.
12
E-Government Services Assets (III)
  • Objects that represent monetary or other value must be protected against fraud. Some E-Government transactions are likely to result in cashable orders, which must be properly controlled; some may relate to the delivery of goods that can be misappropriated.
13
Threats to E-Government
  • Potential sources of threat
  • Possible methods of attack
14
Potential Sources of Threat
  • Internal sources of threat
  • External sources of threat
15
Internal Sources of Threat
  • Legitimate clients
  • Government users or their representatives
  • Insiders
16
Legitimate clients
  • Legitimate clients of E-Government services may seek to misuse or damage E-Government service provision.
  • Such individuals may possess, or have access to, significant technical resources and skills, with a strong motivation to subvert the service, frequently for financial gain. Legitimate clients may also damage E-Government services unintentionally.
17
Government users
  • Government users or their representatives who are, or have been, responsible for the provision or operation of E-Government services may seek to exploit that privileged position.
  • This will generally include government employees, their agents, or employees of outside organizations contributing to E-Government services.
18
Insiders
  • Insiders are those who are not associated with the provision of E-Government services but who may share access to the Government Secure Intranet.
  • This will generally include government employees or their agents who have access to the Government Secure Intranet but no responsibility for E-Government service provision.
19
External Sources of Threat
  • Hostile outsiders
  • Criminal organizations
  • Foreign intelligence services
  • Commercial organizations
  • Investigation agencies
  • Terrorist organizations
20
External Sources of Threat (I)
  • Hostile outsiders are individuals or groups who have access to the Internet but no other association with the E-Government services.
  • Criminal organizations, including organized crime groups as well as petty criminals, may be attracted by the potential for large-scale fraud presented by E-Government services.
21
External Sources of Threat (II)
  • Foreign intelligence services may seek to exploit E-Government services as a means of obtaining information on the workings of government or on individuals of interest. There may also be a threat of attacks designed to disrupt the workings of E-Government, although such attacks are only thought to be likely in times of heightened international tension.
  • Commercial organizations may seek to acquire information about competing companies, customers, debtors, etc. from E-Government related sources.
22
External Sources of Threat (III)
  • Investigation agencies may seek to exploit E-Government systems as a source of information on targets of interest, for example financial information or other personal details.
  • Terrorist organizations may seek to exploit E-Government systems as a source of targeting information on individuals.
23
Possible Methods of Attack
  • Electronic attack
  • Other attack approaches
24
Electronic attack (I)
  • Hacking includes all attempts at unauthorized access to E-Government systems, whether by insiders or from external sources. Methods include the exploitation of weaknesses in configuration or implementation, unauthorized use of access credentials, and internal breaches of operating procedures.
25
Electronic attack (II)
  • Malicious software (including viruses) threatens the availability and integrity of E-Government systems.
  • Denial-of-service flooding attacks are designed to render a target system temporarily unusable by overloading the external access points to the system with excessive numbers of requests for service.
26
Other attack approaches (I)
  • Use of an insider is the preferred method of attack for many hostile organizations. Insiders are well placed to circumvent security installations designed to prevent attack from outside.
  • Deception may be practiced by sophisticated attackers, who may attempt to pass themselves off as clients or other users in order to gain access to information of interest.
27
Other attack approaches (II)
  • Denial (repudiation) may be practiced by attackers who attempt to deny a commitment or obligation entered into as part of an E-Government service action. If a legitimate transaction can subsequently be disavowed or otherwise challenged, opportunities for fraud are created.
  • Forgery may be used to create or obtain false access credentials and thereby gain unauthorized access to E-Government services.
28
Other attack approaches (III)
  • Theft may be used to obtain unauthorized control of legitimate access credentials or other information or equipment, which may then be presented to gain unauthorized access to E-Government services.
29
Security Requirements (I)
  • Identification and authentication
  • Access control
  • Non-repudiation
  • Evidence of receipt
  • Privacy
30
Security Requirements (II)
  • Confidentiality
  • Integrity
  • Trusted commitment service
  • Availability
31
Technological Solutions
  • Security technologies
  • Cost-effective strategy
32
Security Technologies
  • Firewall
  • Antivirus software (anti-spyware)
  • Intrusion detection
  • PKI (cryptography, identification techniques)
  • ...
  • (Source: K778 session 3 course notes)
33
Security Technologies
  • None of these technologies is entirely secure.
  • None of these technologies can fulfill all security requirements.
34
Technological Solutions
  • Which kind of technology should be adopted for building the appropriate level of security for a given type of E-Government application?
  • Should we always select the most secure technology?
35
Cost-effective strategy
  • People have to design cost-effective strategies that reach a balance between productivity and risk.
  • Technical limitations force trade-offs between costs and benefits.
  • (Irvine, 2000)
36
Example: Authentication
  • Authentication is important for E-Government. There are three different categories of authentication technology.
  • The first set of technologies is based on something the user knows, like passwords or user names.
  • (Luis F. Luna-Reyes and J. Ramón Gil-García, 2003)
37
Example: Authentication
  • The second authentication category uses something the user has, such as smart cards, tokens or digital certificates.
  • Finally, authentication technology could be built in terms of something the user is, like fingerprints, retinal scans or other biometrics.
38
Authentication
  • Although authentication of the user is desirable, simple user authentication mechanisms such as passwords are cost-effective for most of these applications.
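The three factors are only named in the slides above. The following Go program is an added example, not code from the presentation or from any system it describes: it combines the first two factors, a salted password hash for something the user knows and an HOTP hardware-token code (RFC 4226: HMAC-SHA1 over a counter) for something the user has. The Account layout, the look-ahead window of 5 and the use of plain SHA-256 for the password are choices made for this example; the password part is deliberately simplified, as the comment in the code says.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// lookAhead is how many token presses the server tolerates between logins.
const lookAhead = 5

// HOTP is the RFC 4226 one-time code for a shared secret and counter:
// HMAC-SHA1 over the big-endian counter, dynamic truncation to 31 bits,
// then reduction modulo 10^digits, zero-padded.
func HOTP(secret []byte, counter uint64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	offset := h[len(h)-1] & 0x0f
	code := binary.BigEndian.Uint32(h[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// Account is what the service stores per user: a salted password hash (the
// "something the user knows" factor) and the token secret plus the next
// counter the server expects (the "something the user has" factor).
// Caveat: a real service hashes passwords with a deliberately slow KDF
// (bcrypt, scrypt, Argon2 or PBKDF2); plain salted SHA-256 is used here only
// to stay dependency-free and is far too fast to resist offline guessing.
type Account struct {
	salt     [16]byte
	pwHash   [32]byte
	tokenKey []byte
	counter  uint64
}

func hashPassword(salt [16]byte, password string) [32]byte {
	return sha256.Sum256(append(salt[:], password...))
}

func NewAccount(password string, tokenKey []byte) (*Account, error) {
	a := &Account{tokenKey: tokenKey}
	if _, err := rand.Read(a.salt[:]); err != nil {
		return nil, err
	}
	a.pwHash = hashPassword(a.salt, password)
	return a, nil
}

// Login accepts only when both factors check out. Each comparison is constant
// time, both factors are evaluated before deciding so the caller cannot tell
// which one failed, and an accepted code moves the counter past itself, so
// replaying a captured code fails. The look-ahead window keeps a token that
// was pressed a few times without logging in from locking the user out.
func (a *Account) Login(password, code string) bool {
	h := hashPassword(a.salt, password)
	pwOK := subtle.ConstantTimeCompare(h[:], a.pwHash[:]) == 1
	matched, next := false, a.counter
	for c := a.counter; c < a.counter+lookAhead; c++ {
		if subtle.ConstantTimeCompare([]byte(HOTP(a.tokenKey, c, 6)), []byte(code)) == 1 {
			matched, next = true, c+1
			break
		}
	}
	if !pwOK || !matched {
		return false
	}
	a.counter = next
	return true
}

func main() {
	secret := []byte("12345678901234567890") // the RFC 4226 test-vector secret
	fmt.Println("HOTP(counter 0) =", HOTP(secret, 0, 6)) // 755224, per RFC 4226 Appendix D
	acct, err := NewAccount("correct horse battery", secret)
	if err != nil {
		panic(err)
	}
	fmt.Println("password + fresh code:    ", acct.Login("correct horse battery", HOTP(secret, 0, 6)))
	fmt.Println("replayed code:            ", acct.Login("correct horse battery", HOTP(secret, 0, 6)))
	fmt.Println("wrong password, good code:", acct.Login("guess", HOTP(secret, 1, 6)))
}
```

The RFC 4226 secret "12345678901234567890" produces 755224 for counter 0, so the HOTP function can be checked against the RFC's own vectors. The counter only advances when both factors pass, which is what makes a captured code worthless afterwards; a wrong password and a wrong code are reported identically.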
39
A case for E-Government
  • An E-Tax System Based on PKI
  • Beijing Local Taxation Bureau (BLTB) E-Tax System
  • Total amount of taxation per year was 12 billion Canadian dollars in 2005.
40
BLTB E-Tax System
  • Functions:
  • Declare taxes online
  • Pay taxes online
  • Tax notification
  • ...
41
BLTB E-Tax System: Security requirements
  • Integrity of tax information
  • Non-repudiation of tax information declared
  • Authentication of the taxpayers or of BLTB
  • Confidentiality of tax information
  • Privacy of the taxpayers
  • Trusted commitment service (online payment)
  • Availability
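Non-repudiation of the declared tax information (the requirement that counters the "denial" attack listed under Other attack approaches (II)) and the "evidence of receipt" requirement from the Security Requirements slides are what digital signatures in a PKI-based e-tax system actually provide. The Go program below is an added example, not code from the presentation or from the BLTB system: the taxpayer signs a declaration with an Ed25519 key, the bureau verifies it and answers with a signed receipt, and either party can later prove what was filed and when. The Declaration layout, its canonical encoding and the receipt format are assumptions for this example; keys are used directly here, without the certificate step.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"time"
)

// Declaration is what a taxpayer submits. The field layout is an assumption
// for this example; the deck does not give the real record format.
type Declaration struct {
	TaxpayerID string
	Period     string
	Amount     int64 // smallest currency unit
}

// Bytes is the canonical encoding that is signed and hashed. The encoding must
// be fixed and unambiguous, or two renderings of one declaration would not
// verify; a production system would use ASN.1 DER or length-prefixed fields.
func (d Declaration) Bytes() []byte {
	return []byte(fmt.Sprintf("taxpayer=%s|period=%s|amount=%d", d.TaxpayerID, d.Period, d.Amount))
}

// Receipt is the bureau's signed evidence that it received one declaration.
type Receipt struct {
	DeclHash  [32]byte  // SHA-256 of Declaration.Bytes()
	Received  time.Time // when the bureau accepted it
	Signature []byte    // bureau's Ed25519 signature over body()
}

func (r Receipt) body() []byte {
	return []byte(fmt.Sprintf("%x|%s", r.DeclHash, r.Received.UTC().Format(time.RFC3339)))
}

// SignDeclaration is the taxpayer's step. Only the holder of the private key
// can produce this value, so a later "I never filed that" (the deck's denial
// attack) can be refuted by anyone holding the taxpayer's public key.
func SignDeclaration(priv ed25519.PrivateKey, d Declaration) []byte {
	return ed25519.Sign(priv, d.Bytes())
}

// AcceptDeclaration is the bureau's step: verify the taxpayer's signature
// (which also catches any alteration in transit), then commit to receipt with
// the bureau's own signature. The bool reports whether it was accepted.
func AcceptDeclaration(bltbPriv ed25519.PrivateKey, taxpayerPub ed25519.PublicKey, d Declaration, sig []byte, now time.Time) (Receipt, bool) {
	if !ed25519.Verify(taxpayerPub, d.Bytes(), sig) {
		return Receipt{}, false
	}
	r := Receipt{DeclHash: sha256.Sum256(d.Bytes()), Received: now}
	r.Signature = ed25519.Sign(bltbPriv, r.body())
	return r, true
}

// VerifyReceipt is what the taxpayer, or an auditor, checks if the bureau
// later denies receipt or claims a different filing time or content.
func VerifyReceipt(bltbPub ed25519.PublicKey, d Declaration, r Receipt) bool {
	return r.DeclHash == sha256.Sum256(d.Bytes()) && ed25519.Verify(bltbPub, r.body(), r.Signature)
}

func main() {
	tpPub, tpPriv, _ := ed25519.GenerateKey(rand.Reader)     // taxpayer's key pair
	bltbPub, bltbPriv, _ := ed25519.GenerateKey(rand.Reader) // bureau's key pair
	decl := Declaration{TaxpayerID: "110000001", Period: "2006-Q3", Amount: 1250000}
	sig := SignDeclaration(tpPriv, decl)
	rcpt, ok := AcceptDeclaration(bltbPriv, tpPub, decl, sig, time.Now())
	fmt.Println("accepted:", ok, "receipt valid:", VerifyReceipt(bltbPub, decl, rcpt))

	altered := decl
	altered.Amount = 125000 // someone changes the amount after signing
	_, ok = AcceptDeclaration(bltbPriv, tpPub, altered, sig, time.Now())
	fmt.Println("altered declaration accepted:", ok)
	fmt.Println("receipt matches altered declaration:", VerifyReceipt(bltbPub, altered, rcpt))
}
```

The receipt binds the hash of the declaration to the acceptance time under the bureau's key, so it serves both the "evidence of receipt" and the "trusted commitment" requirements: the bureau cannot later claim a different amount or filing time, and the taxpayer cannot substitute a different declaration under the same receipt.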
42
System structure
  [Diagram of the system structure; labels: Bank (×2), BLTB Intranet, CA, E-Tax System, Access Platform, Internet, Enterprise Intranet; link types DDN/FR and DDN/X.25/FR.]
43
BLTB E-Tax System: CA System
  [Diagram of the CA system; labels: Tax Payer (×2), BJCA, Internet, RA Server, Cryptographic Device, LDAP (×2), E-Tax System, Office 1 ... Office n.]
44
E-Tax Process
  [Diagram of the process; parties: CA (issues certificates), BLTB, Tax Payer, Bank, Fisk; steps labelled 1a, 1b, 2a, 2b, 2c, 2d.]
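The CA system and process diagrams above show the CA issuing certificates but not what the e-tax system must do when a taxpayer presents one. The Go program below is an added example, not BJCA's or the BLTB system's code: a self-signed Ed25519 root stands in for BJCA, a taxpayer is enrolled, and the relying party makes the two checks in the right order, chaining the certificate to the trusted root before verifying the signature. It also shows that a certificate with the same name issued by an attacker's own CA is rejected, which is the forgery threat in the attack list. The names, serial numbers, validity periods and the challenge string are assumptions for this example, and the RA's identity vetting is out of scope.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CA stands in for the deck's BJCA: a self-signed root that issues
// certificates to taxpayers and to the bureau's own servers.
type CA struct {
	Root  *x509.Certificate
	Roots *x509.CertPool // what relying parties (the e-tax system) trust
	priv  ed25519.PrivateKey
}

func template(cn string, serial int64, isCA bool) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(365 * 24 * time.Hour), // example lifetime
		KeyUsage:              x509.KeyUsageDigitalSignature,
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		t.KeyUsage |= x509.KeyUsageCertSign
	}
	return t
}

// issue signs t with the parent's key and returns the parsed certificate.
func issue(t, parent *x509.Certificate, pub ed25519.PublicKey, signer ed25519.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, t, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewCA creates a root whose certificate is self-signed (parent == template).
func NewCA(name string) (*CA, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	t := template(name, 1, true)
	root, err := issue(t, t, pub, priv)
	if err != nil {
		return nil, err
	}
	pool := x509.NewCertPool()
	pool.AddCert(root)
	return &CA{Root: root, Roots: pool, priv: priv}, nil
}

// Enroll is the RA/CA step for one subject: a fresh key pair and a certificate
// chained to this root. Identity vetting, the RA's real job, is out of scope.
func (c *CA) Enroll(cn string, serial int64) (*x509.Certificate, ed25519.PrivateKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	cert, err := issue(template(cn, serial, false), c.Root, pub, c.priv)
	return cert, priv, err
}

// Authenticate is what the e-tax system runs when a client presents a
// certificate and a signature over a server challenge: chain the certificate
// to the trusted root first, then check the signature. A rogue CA fails step one.
func Authenticate(trusted *x509.CertPool, cert *x509.Certificate, msg, sig []byte) error {
	opts := x509.VerifyOptions{Roots: trusted, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("certificate not trusted: %w", err)
	}
	pub, ok := cert.PublicKey.(ed25519.PublicKey)
	if !ok || !ed25519.Verify(pub, msg, sig) {
		return fmt.Errorf("signature does not verify for %q", cert.Subject.CommonName)
	}
	return nil
}

func main() {
	bjca, err := NewCA("BJCA (example root)")
	if err != nil {
		panic(err)
	}
	cert, priv, _ := bjca.Enroll("taxpayer 110000001", 2)
	challenge := []byte("server nonce 7f3a") // constructed login challenge
	fmt.Println("genuine certificate:", Authenticate(bjca.Roots, cert, challenge, ed25519.Sign(priv, challenge)))
	// Forgery: an attacker's own CA issues a same-named certificate. The signature is valid; the chain is not.
	rogue, _ := NewCA("BJCA (example root)")
	fake, fakePriv, _ := rogue.Enroll("taxpayer 110000001", 2)
	fmt.Println("rogue-CA certificate:", Authenticate(bjca.Roots, fake, challenge, ed25519.Sign(fakePriv, challenge)))
}
```

The order matters: verifying the signature first and the chain second invites the classic mistake of trusting whatever public key the client supplied. Checking expiry is done by cert.Verify; revocation (CRL or OCSP lookups against the CA's LDAP directory in the diagram) is a further check a production relying party adds before accepting the certificate.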
45
Conclusion
  • No E-Government system is entirely secure.
  • None of the security technologies can fulfill all security requirements.
  • Technical limitations force trade-offs between benefits and costs, i.e. productivity and risk.
46
References
  • Maria Virginia de Vasconcellos and Maria das Graças Rua. Impacts of Internet Use on Public Administration: A Case Study of the Brazilian Tax Administration. Electronic Journal of e-Government, 2005.
  • Thomas W. Lauer. The Risk of e-Voting. Electronic Journal of e-Government, 2004.
  • Costas Lambrinoudakis, Stefanos Gritzalis, Fredj Dridi, and Günther Pernul. Security requirements for e-government services: a methodological approach for developing a common PKI-based security policy. Computer Communications, 2003.
  • Luis F. Luna-Reyes and J. Ramón Gil-García. eGovernment Internet Security: Some Technical and Policy Considerations. 2003.
  • http://www.ejeg.com/0
  • http://www.pkilaw.com/
  • http://www.e-envoy.gov.uk/about-epolicy-esecurity/file/trustsecurity-index.htm
47
Questions?