University of Málaga, Spain; University of Málaga, Spain; University of Málaga, Spain; Thales Services – Theresis, France; Thales Services – Theresis, France
Electronic government (e-Gov) systems facilitate the interaction between government agencies and other entities (citizens, businesses or even other government agencies) by providing means for the delivery of information and services online via the Internet. Many governmental units across the world have embraced the digital revolution and placed a wide range of materials on the web, from publications to databases. There is a great deal of variation in the services available on national government websites. E-Gov in the information age gives rise to new forms of relationship with government agencies. The public administration is shedding its bureaucratic character and is transforming into an efficient, service-oriented provider.
However, the unregulated and open nature of the Internet has prompted many to question the privacy and security of government websites and e-services. Several surveys have concluded that these issues are at the top of the list of concerns about e-Gov. Visible statements outlining what the site is doing regarding privacy and security are valuable assets for reassuring a sceptical population and encouraging citizens to make use of e-Gov services and information, but of course this is not enough. The establishment of robust methods for the development and deployment of secure e-Gov systems is essential for such systems to gain wider acceptance. Additional characteristics that complicate the development of secure e-Gov systems are their very large scale and their intrinsic heterogeneity (which concerns users, access channels and devices, sensitivity of information and services, etc.).
Regarding the IMPRESS users, we can distinguish two profiles. Firstly, secure application developers, who benefit from using the improved development process presented as IMPRESS. Secondly, application users, who benefit from using more secure and dependable applications, which in turn improves their perception of trust.
This chapter presents a system development process that is especially well-suited for future multi-channel e-Gov applications. As mentioned, two essential aspects of these systems are their stringent security and privacy requirements and the fact that they serve very large populations of users who use heterogeneous access channels and devices. These characteristics require solutions that are able to adapt themselves to changing environments, which complicates the development process, especially with regard to the provision of security. The development process proposed in this chapter is called IMPRESS (Integrated Mda-based PRocess for Engineering Secure Systems) (Serrano, 2007). IMPRESS draws together the areas of software and systems engineering, security engineering, and formal methods for the design and analysis of secure systems. In this manner, formal methods, a cornerstone of rigorous security engineering, are made available within the software engineering process for the average system engineer. Our main goals for the development of IMPRESS were to provide support for software engineers in the specification of their security requirements, the validation of their models against such security requirements, and the integration of proven security solutions in their models. We took into account the characteristics and security requirements of highly sensitive applications such as e-Gov ones. This chapter introduces the IMPRESS approach and presents how secure e-Gov applications can be developed using it. We illustrate the application of the process using an example based on a tax declaration application. The development of e-Gov systems based on our proposal has the advantage that the work of security experts is independent of the development of the application itself. In this way, software developers can concentrate on the specific functional requirements of their applications. The security requirements will be fulfilled by the integration of proven solutions into their models.
The Secure System Development Based on MDA presented in this chapter builds on:
The Serenity Project results (SerenityProject, 2006)
The MDA model transformation approach (Soley, 2002)
The Software Factory approach (Greenfield, 2004)