EVALUATION OF ELECTRONIC GOVERNMENT SECURITY ISSUES APPLIED TO COMPUTER CENTER OF BAGHDAD UNIVERSITY (CASE STUDY)
Main Article Content
Abstract
Information security contributes directly to increase the level of trust between the government’s departments by providing an assurance of confidentiality, integrity, and availability of sensitive governmental information. Many threats that are caused mainly by malicious acts can shutdown the egovernment services. Therefore the governments are urged to implement security in e-government projects.
Some modifications were proposed to the security assessment multi-layer model (Sabri model) to be more comprehensive model and more convenient for the Iraqi government. The proposed model can be used as a tool to assess the level of security readiness of government departments, a checklist for the required security measures and as a common security reference in the government organizations of Iraq. In order to make this model more practical, applicable and to represent the security readiness with a numerical value, evaluation modeling has been done for this model by using fuzzy logic tool of MATLAB R2010a program.
Since the risk assessment is considered as a major part in the information security management system, an effective and practical method to assess security risk is proposed by combining FEMRA (fuzzy expert model risk assessment) and Wavelet Neural Network (WNN). The fuzzy system is used to generate the training data set in order to make the required training for WNN. The proposed method is applied when a risk assessment case study is made at the computer center of Baghdad University. It is found from the numerical results that the risk levels obtained by WNN are (with maximum of 58.23) too close to these calculated from FEMRA (with maximum of 60), with an average error of 5.51%. According to these results, the proposed method is effective and reasonable and can provide the support toward establishing the e-government.
Article Details
How to Cite
Publication Dates
References
Alireza S. Sendi, M. Jabbarifar, M. Shajari and M. Dagenais, “FEMRA: Fuzzy Expert Model for Risk Assessment”, Proceedings of the IEEE , International Conference on Internet Monitoring and Protection, pp.48-53, 2010.
AS/NZS, “Risk Management”, SAI Global, Third Edition, 2004.
Charles P. Pfleeger and Shari L. Pfleeger, “Security in Computing”, Prentice Hall, third edition, 2002.
Costas Lambrinoudakis, S. Gritzalis, F. Dridi and G. Pernul, “Security Requirements for EGovernment Services: A Methodological Approach for Developing A Common PKI-based Security Policy”, Elsevier, Computer Communications 26, 1873–1883, 2003.
D. Elliott Bell, “Concerning Modeling of Computer Security”, Proceedings of the IEEE International Symposium on Security and Privacy, pp.8-13, 1988.
Georgia Killcrece, Klaus-Peter Kossakowski, Robin Ruefle and Mark Zajicek, “Organizational Models for Computer Security Incident Respons Teams (CSIRTs)”, Carnegie Mellon University, 2003.
Hasala Peiris, Lakshan Soysa and Rohana Palliyaguru, “Non-Repudiation Framework for E-Government Applications”, Proceedings of the IEEE International Conference on Information and Automation forSustainability, pp.307-313, 2008.
John E. Canavan, “Fundamentals of Network Security”, British Library, London, 2001.
Joseph M. Rizza, “Computer Network Security”, Springer, 2005.
Joseph M. Rizza, “A Guide to Computer Network Security”, Springer, 2009.
Joshura Backfield, “Network Security Model”, SANS Institute, 2008.
Mark Stamp, “Information Security Principles and Practice”, John Wiley & Sons, 2006.
Ming Liu, S. Sun and X. yin, “ Research on The Evaluation of Security Risk for E-Government Information System” Proceedings of the IEEE International Conference on Machine Learning and Cybernetics, Vol.3, pp.1404-1409, 2008.
Nong Ye, “Secure Computer and Network Systems Modeling, Analysis and Design”, john Wiley & Sons Inc., 2008.
S. K. Parmar, “Information Resource Guide Computer, Internet and Network Systems Security”, security manual, sunny, Canada, June 2009.
Sabri Al-Azazi, “A Multi-layer Model for EGovernment Information Security Assessment”, PhD thesis, Cranfield University, 2008.
Salah Alabady, “Design and Implementation of A Network Security Model for Cooperative Network”, International Arab Journal of e-Technology, Vol. 1, No. 2, June 2009.
Salahuddin Alfawaz, L. May and K. Mohanak, “E-Government Security in Developing Countries: A Managerial Conceptual Framework”, International Research Society for Public Management Conference, 2008.
Seymour Bosworth and M.E. Kabay, “Computer Security Handbook”, John Wiley & Sons, Fourth Edition, 2002.
Shon Harris, “CISSP All-in-One Exam Guide”, McGraw Hill, Fifth Edition, 2009.
Todd King, “Security + Training Guide”, Paul Boger, 2003.
Walid Al-Ahmad and R. Al-Kaabi, “An Extended Security Framework for E-Government”, Proceedings of the IEEE International Conference on Intelligence and Security Informatics, pp. 294-295, 2008.
William Stallings, “Cryptography and Network Security Principles and Practices”, Prentice Hall,Fourth Edition, 2005
itian Zhou and Congyang Hu, “Study on the EGovernment Security Risk Management”, IJCSNS International Journal of Computer Science and Network Security, Vol.8 No.5, May 2008.