№1, 2010
E-GOVERNMENT INFORMATION SECURITY MANAGEMENT RESEARCH CHALLENGES
One of the most important and the most difficult tasks encountered in the e-government building is providing reliable and trustful information security for e-government. In this paper actual research problems in the field of e-government information security management are identified and state-of-the-art of problems is analyzed. The new threats to the information infrastructure of e-government, and qualitative changes of the threats are analyzed in details. The basic difficulties emerged in adapting of traditional security models of information security to complex objects as e-government are shown. (p. 3-13)
Keywords:e-government, information security, information war, asymmetric threats, information security policy, information security management, information security culture.
References
- ТоффлерЭ. Третья волна. М. ООО «Издательство АСТ», 1999, c. 277.
- The UN E-Government Survey 2008: from e-Government to connected governance, United Nations, 2007, 225 pages. http://www2.unpan.org/egovkb/global_reports/08report.htm
- Остапенко Г.А., Мешкова Е.А. Информационные операции и атаки в социотехнических системах. Организационно-правовые аспекты противо-действия. Изд.: Горячая Линия – Телеком, 2008, 208 стр.
- Ye-Sho Chen, P.Pete Chong, Bin Zhang. Cyber security management and e-government // Electronic Government, 2004, V.1, № 3, pp.316-327
- Wimmer M., von Bredow B. E-government: aspects of security on different layers / Proceedings of the 12th International Workshop on Database and Expert Systems Applications, 2001, pp.350-355.
- Norris D.F. and Moon M.J. Advancing E-Government at the Grassroots: Tortoise or Hare? // Public Administration Review, 2005, V.64, № 1, pp.65-75.
- Gilbert D., Balestrini P., and Littleboy D. Barriers and benefits in the adoption of e-government // The International Journal of Public Sector Management, V. 17, № 4/5, pp.286.
- Conklin W.A. Barriers to Adoption of e-Government / 40th Annual Hawaii International Conference on system sciences (HICSS 2007), 2007.
- Мешкова Т.А. Социально-политические аспекты глобальной информати-зации // Полис. М., 2002. № 6, c. 24-33
- Remarks by the President at the National Academy of Sciences Annual Meeting, National Academy of Sciences, Washington D.C., April 27, 2009. http://www.whitehouse.gov/the_press_office/Remarks-by-the-President-at-the-National-Academy-of-Sciences-Annual-Meeting/
- Dhillon G. and Backhouse J. Current directions in IS security research: towards socioorganizational perspectives // Information Systems Journal, 2001, V.11, № 2, pp.127-153.
- Arreguin-Toft I. How the Weak Wins Wars: A Theory of Asymmetric Conflict // International Security, 2001. V.26, № 1.
- von Solms B., Information Security - The Fourth Wave // Computers & Security, 2006, V.25, № 3, pp.165-168.
- Edward Humphreys, Implementing the ISO/IEC 27001 Information Security Management System Standard, Artech House Publishers. 2007, 290 pages
- Zhang N., Ryan M.D., Guelev D. Evaluating Access Control Policies Through Model Checking // Lecture Notes in Computer Science V.3650, Springer-Verlag, 2005, pp. 446-460.
- Al-Shaer E. and. Hamed H. Discovery of Policy Anomalies in Distributed Firewalls / Proceedings of IEEE INFOCOM’2004, 2004.
- Dunlop N., Indulska J., Raymond K., Methods for Conflict Resolution in Policy-Based Management Systems // EDOC. 2003. pp. 98-111.
- Rachna Dhamija, Lisa Dusseault, The Seven Flaws of Identity Management Usability and Security Challenges // IEEE Security&Privacy, March/April 2008.
- Future of Identity in the Information Society http://www.fidis.net/
- Koong K.S., Liu L.C., Bai S. and Lin. Identity Theft in the USA: Evidence from 2002 to 2006 // International Journal of Mobile Communications, 2008, V.6, № 2, pp. 199-216.
- Ryan Trost Practical Intrusion Analysis: Prevention and Detection for the Twenty-First Century, 1st edition, 2009, 480 pages.
- Jaquith A., Security metrics: Replacing fear, uncertainty, and doubt. NJ: Addison-Wesley Pearson Education, 2007.
- Krag Brotby W. Information Security Management Metrics: A Definitive Guide to Effective Security Monitoring and Measurement, Auerbach Publication, 2009, 200 pages.
- Alberts C., Dorofee A. Managing information security risks: The OCTAVE (sm) approach. Boston, MA: Addison-Wesley, 2002.
- Peltier T.R., Information security risk analysis (2nd ed.), Boca Raton, FL: Auerbach Publications, 2005.
- Manish Gupta, Raj Sharman, Social and Human Elements of Information Security, 2008, 383 pages.
- Ryan West, The Psychology of Security. Communications of the ACM, V.51, 4 (April 2008), pp. 34-40.
- OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security, 2002. www.oecd.org/dataoecd/16/22/15582260.pdf
- Schlienger T., Teufel S. Information Security Culture: The Socio-Cultural Dimension in Information Security Management / Proc. of IFIP TC11 17th International Conference on Information Security (SEC2002), 2002, IFIP Conference Proceedings 214, pp. 191-202
- Chang S.E., and Ho C.B. Organizational factors to the effectiveness of implementing information security management // Industrial Management & Data Systems, 2006, V.106, № 3, pp.345-361.