Improving the Security Levels of e-Government Processes within Public Administration through the Establishment of Improved Security Systems

Journal of Computing and Information Technology - CIT 17, 2009, 2, 141–155
doi:10.2498/cit.1001087

Andrea Kő 1 and Bálint Molnár 2
1 Corvinus University of Budapest, Hungary
2 Corvinus University of Budapest, Information System Department, Hungary

Processes that are related to the identification and the authentication of persons and other legal entities have been necessarily existing and functioning for a while in public administration and business. Information Society offers new e-services for citizens and businesses, which dramatically change the administration and results in additional challenges, risks and opportunities. Citizen's confidence and trust in services has to be improved, meanwhile several requirements, like personal data and privacy protection and legal requirements have to be satisfied. The usual business process of identification of the corresponding entity is generally based on some trivial control mechanism, typically password identification.
In order to keep the trust of the public in the public administration activities, the process for entity identification (both person and legal entity) should be amended, taking into account the business and security considerations. Identity management solutions show an intriguing variation of approaches in Europe; they are at different maturity levels of services.

Our paper gives an overview of the most frequently cited identity management architectures (namely: Liberty Alliance Architecture, Shibboleth, Government Gateway Model and Austrian Model) and presents an identity management framework (based on PKI, but improving on it), customized for the Hungarian specialities, which offers possibilities to improve the quality of the related services.

We give an overview of the decisive identity management approaches and we suggest an identity management framework (based on PKI, but improving on it), proposed as a general solution. The concrete example as a case study demonstrates a solution customized for the Hungarian specialities. Our paper shows a solution for the improvement of the identity management in e-government processes through the development of security mechanisms making use of the readily available technologies. The improved business and technology processes are demonstrated through the Hungarian solution to the problem as a case study.

Keywords: Public Key Infrastructure, e-government, security, digital signature, e-ID, smart card

1. Introduction

Tasks related to identification and authentication of persons and other entities have been a significant part of general business processes in public administration and business life. Information Society offers new e-services for citizens and businesses, which dramatically change the public administration, and at the same time, bring about additional challenges, risks and opportunities.
Citizen's confidence and trust in services has to be enhanced, meanwhile several requirements, like data protection, privacy and legal requirements have to be satisfied. The traditional methods being in use now are neither secure nor comfortable. Amongst other, these are the reasons that explain identity management popularity. Several research projects are addressing identity management-related issues, like Guide [4], Prime [11]. PKI architecture can be one of the suitable candidates to enhance the level of security, meanwhile compliant with additional users needs.

The PKI architecture provides services that are rooted in the available IT technologies. The services implicate business process, directly or indirectly. The existing business processes should be aligned with the services of PKI that enforce some business and IT architecture and approaches for making use of technology. However, the basic issues, namely concepts related to identity management: the identification, certification, authentication of persons, and moreover the business processes involved in the previously mentioned activities own an interpretation in common sense that is not bound by the constraints and limits of technology. Regarding the whole bunch of business processes associated to PKI, we should investigate the requirements for process improvement, the opportunities for enhancing the currently existing business and software processes.

The challenge is that even if the more modern PKI technology is used, PKI itself cannot guarantee the authentication and authorization of the identity at the level that is anticipated by the public administration.
Both business process side and the supporting IT technology for e-government services should be re-engineered; the available technology solutions should be complemented with appropriate parts.

The basic problem that should be solved somehow is the following: in the relationship between the citizen and the public administration, there is a very strong requirement for mutual verification and validation of the identities of partners, usually prescribed by the law, by the legal environment and by the jurisdiction. The most important Hungarian regulation approach can be found in Ket (CXL. Law, 2004). Ket covers the regulation about the way how to handle the linking of government to citizen (G2C) and vice versa, furthermore it codifies the rules for e-government processes and procedures. It is applied as a legal framework for business processes, procedures and standards within Hungarian public administration. Regarding the available technologies, there are several opportunities to implement a proper technical solution. However, a technically satisfying solution could collide with the legislation environment and jurisdiction. In some countries, the law permits a de facto central register of electronic identity of citizens; in other countries, either the laws in force or the practice of jurisdiction prohibits centralization of the registered electronic identities, and allows only some kind of distributed solution. The technology should provide services even in distributed or federated cases thereby the partners — the public administration and citizen — could build up a trust relationship mutually. The identity of citizen proved by a certification of PKI technology and issued by a commercial organization — the Certification Authority — could not be regarded convincing enough for the public administration.
The certification contains some kind of name or names, but it does not have enough information for unambiguous authentication.

Our paper gives an overview of the decisive identity management approaches and we present an identity management framework (based on PKI, but improving on it), proposed as a general solution. The concrete example as a case study demonstrates a solution customized for the Hungarian specialities.

The outlined approach provides a solution within the constraints raised by the legal environment and the available technology, and avoids some pitfalls that apparently yield a resolution but hide traps because they disregard the basic principles of cryptography. The solution is at a higher security level than the traditional ones, and it even develops further the available PKI technology approaches, providing improvement in the business process, the supporting technology related processes and the applied software environment.

2. The Opportunities for the Improvement of Identity Management in an e-Government Environment

Within a corporate environment, identity management is dealing with managing the type of information which is available for a certain application [7]. It involves maintaining a person's complete information set, spanning multiple transactions and contexts. An identity management application is part of an end-to-end security solution and addresses the needs for certainty in the areas of authentication, access control and user management [5]. Identity management systems allow people to define different identities and roles, associate personal data with them, and decide about access control of them and when to act anonymously. An identity management system would empower the user to maintain their privacy and control their digital identity [7].
The following business drivers of identity management are cited in the literature [5]:
• Cost reduction (unsatisfactory management of identity can increase the cost (e.g. waiting for permissions, etc.)).
• Increased security (inadequate access rights can be an additional risk for an organization).
• Increased compliance (an identity management system can help the organization to comply with laws (e.g. data protection laws) and regulatory environment).
• Increased usability (users are able to control their working environment and customize it).
• Infrastructure consolidation and application development speed (solutions can be built more rapidly, by applying reusable security elements).

Two major areas are distinguished in identity management; namely, enabling user access (authorization, authentication, etc.) and user life cycle management (user administration, provisioning, etc.). Another view is the user's perspective (focus on efficiency (one single sign-on to many applications)) vs. the administrator's perspective (focus on efficiency of management). Major building blocks of identity management are the enterprise directory services, authentication, access control, and user management (ITGI, 2004). Four elements manage the whole life cycle of the identity within an organization, from creation to termination.

• The enterprise directory service consists of two major components:
  • Directory services database that operates as a hub data store for identity and authentication information.
  • Meta-directory: Its major functional service is to share identity-specific data, to carry out data synchronization among various directories, databases and applications within an organization.

Authentication is the procedure that checks the identity of a user so that he or she may have the right to use some resources and the access rights can be granted or denied correctly.
The aim of access control is to guarantee that users are provided access only to those applications or resources they are permitted to use it some way. User management as IT function is responsible for providing user identities across multiple applications or systems.

Most important requirements against identity management are functional services and privacy [7]. Another important aspect which has to be emphasized is personal data and privacy protection. For the e-government services, the identity management solution elaborated in the past that are in use within corporate environment must have been, in principle, a perfect technological solution. However, several pre-conditions for a full-fledged application should be satisfied.

The foundation of basic technological architecture for the identity management is laid in Public Key Infrastructure. The basic principle is that the subject of identity management owns a key-pair: a public key and a private key. Even if the subject jealously guards his/her private key and publishes his/her public key, it is impossible to prove that the published key really belongs to the person who claimed it as his own. For this problem, a trusted business process was needed that "permanently" links the owner's identity to the public key. Thereby, a trust hierarchy came into life. The point of trust would bind public key to an identity (and maybe other personal information) on behalf of the owner of the key-pair.
Everybody could then accept the single point of trust as a reliable authority that links the end-entity (person or legal entity) identity to the key-pair and the certificate that contains information about the owner and the public key.

The degree of validation at a reliable trust point, the Certification Authority (CA), can be reflected using extra information embedded into certificates: typically validation takes place at the level of e-mail address, in a corporate environment against the Human Resource directory, or through a face-to-face meeting with additional checking of official credentials (passport, personal identification document, driving license, social security data, tax authority's identification number etc.).

However, even if the strongest authentication method is used for validation, the published information either in a certificate database or in the owner certificate represents only a small part of the data that would be interesting, required by and significant for the partner who would like to identify the owner of the certificate and to verify it. Generally, the certificate contains an e-mail address, a personal name, maybe some other names, and the public key. The certificate database that is publicly available may provide access only to the personal name and to downloading the certificate containing the public key, nothing more. It may seem surprising that so little data are available for identification, but the anxiety for privacy and the attacks manifested during the past years justify this practice. Based on agent and artificial intelligence technology, several softbots ("software robots") were created to collect information from public Web sites, e.g. directory services, in order to use the acquired e-mail addresses for generating spam, i.e. unsolicited e-mails.
The only escape route, to avoid e-mail addresses being captured in this easy way and against the owner's original intention, is using "captcha"-like e-mail addresses. To protect the other personal data, the only solution is not to publish them at all on publicly available Web sites and directory services.

The Certification Authority may have a paper or electronic database that contains the data that were checked during the validation process. The personal data and privacy protection acts in the EU and the member states support this practice. However, the public administration in an e-government process needs much more information for an accurate identification of the owner of a certificate and a key-pair. Putting it simply, the question for the public administration is: among the several John Does, who is the right one?

The direct access to the database of personal information stored at the Certification Authorities raises security questions. If the public administration can retrieve data from this protected database, then anyone could do it. The previous issue leads to the common identity management processes:

1. There must be a functional capability for individuals to authenticate themselves with applications.
2. When identity data is passed from one country to another, it is likely that data conversions will have to be applied. This could be done by semantic integration and meta-directory services. As an example, last names of persons in Ireland stored in a directory should be mapped to last names of persons in Spain in the appropriate directory, and vice versa. To avoid interfering with the principle of subsidiarity, these services are likely to operate on the basis of a common data model with mappings of this common data model to and from the data models of each single member state.
3. There should be some function of the directory service that retrieves the addresses or links of those services that want to interact with each other.
A local authentication service may have to redirect an authentication request to the authentication service being cognizant.
4. Finally, legislation may require the existence of logging and notification services.

The problem can be formulated in the following way: the public administration requires a strong identification and authentication mechanism for its partners, in spite of the personal data and privacy protection obligation of government. How can we improve the business process for identity management for the purpose of e-government?

Approaches to IdM architectures show a heterogeneous picture; we discuss briefly only the most frequently cited ones, namely: Liberty Alliance Architecture, Shibboleth, Government Gateway Model and Austrian Model, in order to compare them with the Hungarian approach.

2.1. Liberty Alliance Architecture

Liberty Alliance [13], a consortium representing organizations from around the world, was created in 2001 to address the technical, business, and policy challenges around identity and identity-based web services. The goal of Liberty Alliance is to enable consumers', citizens', businesses' and governments' online transactions applying open standards while protecting the privacy and security of identity information. All kinds of identities, linked by federation and protected by universal strong authentication, are being built with Liberty's open identity standards, business and deployment guidelines and best practices for managing privacy. It offers the technology, knowledge and certifications to build identity into the foundation of mobile and web-based communications and transactions. Liberty Alliance Architecture is widely applied and cited in the area of identity management. The following part of the section provides a brief overview of the components of the Liberty Alliance's federated network identity management architecture and the main features of the components.
A high-level overview of Liberty Alliance Architecture modules can be seen in the following figure:

[Figure 1. High-level overview of the Liberty Alliance Architecture. Boxes: Liberty Identity Federation Framework (ID-FF), Liberty Identity Web Service Framework (ID-WSF), Liberty Identity Services Interface Specifications (ID-SIS); standards shown: XML-Enc, HTTP, SAML, WSS, WSDL, XML-DSIG, XML, WAP, SSL/TLS, SOAP.]

Main modules are the following:
• Liberty Identity Federation Framework (ID-FF)
• Identity Services Interface Specifications (ID-SIS)
• Liberty Identity Web Services Framework (ID-WSF).

Liberty Identity Federation Framework empowers identity federation and management through features such as identity/account linkage, simplified sign on, and simple session management. The Liberty ID-FF module supports the federation of identities, including the corresponding management. This framework enables the interoperability of the most varied platforms and defines the federation for PCs and mobile devices (mobile phones, PDAs etc.). With ID-FF, the user has access to Single-Sign-On in his/her personal CoT ("Circle of Trust"). The ID-FF module also defines the exchange of metadata. The ID-FF module is the central module of the Liberty specifications.

Identity Services Interface Specifications is based on ID-WSF and contains specifications for the following functions: user registration, address book, calendar, location-specific services, and alarms ("alerts"). Liberty Identity Services Interface Specifications (ID-SIS) enables interoperable identity services such as contact book service, geo-location service, presence service, personal identity profile service, and so on.

Liberty Identity Web Services Framework (ID-WSF) provides the framework for building interoperable identity services, identity service description and discovery, permission-based attribute sharing, and the associated security profiles.
ID-WSF, Identity Web Services Framework, is based on ID-FF and forms the basis to provide personified services. ID-WSF includes:
• the exchange of individual attributes ("permission-based attribute sharing"),
• the collection of identity elements in a distributed environment ("identity service discovery")
• interaction services ("interaction services")
• additional security profiles, which are to be observed during data exchange ("security profiles")
• "Simple Object Access Protocol Binding" (SOAP binding)
• "extended client support" (extended support for end devices, not IP/HTTP specific)
• "Identity services templates" (personality profiles specification).

Underlying part of the architecture – extension of industrial standards represents a collection of international standards relevant to Liberty. ID-FF, ID-WSF and ID-SIS are based on these standards. These refer to existing standards; as necessary and when required, they will be extended and approved with the appropriate standardisation organisations. Liberty Alliance works together with many organisations; some of them are:
• Organisation for the Advancement of Structured Information Standards (OASIS)
• World Wide Web Consortium (W3C)
• Internet Engineering Task Force (IETF).

The following are used as standards: SAML, HTTP, WS-Security, WSDL, XML-ENC, WAP, XML, SSL/TLS, SOAP, and XML-DSIG.
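
Returning to the point made in Section 2, that a certificate usually carries only a personal name, an e-mail address and the public key, so the public administration cannot tell which John Doe holds the key: the following Python code is an added example, not code from the paper. It matches a certificate subject against a constructed register and accepts only a unique match; the record fields, the register contents and the `resolve` function are assumptions made for illustration.

```python
import unicodedata
from dataclasses import dataclass


@dataclass(frozen=True)
class CertSubject:
    """Identity data a certificate typically carries (public key omitted)."""
    common_name: str
    email: str  # validated by the CA, but not an attribute of the register


@dataclass(frozen=True)
class RegisterRecord:
    """Row of a hypothetical population register; field names are assumptions."""
    register_id: str
    name: str
    birth_date: str
    mother_name: str


# Constructed sample data, not taken from any real register.
REGISTER = [
    RegisterRecord("R-001", "John Doe", "1970-01-01", "Mary Roe"),
    RegisterRecord("R-002", "John Doe", "1985-05-12", "Ann Poe"),
    RegisterRecord("R-003", "John Doé", "1992-03-30", "Eve Moe"),
    RegisterRecord("R-004", "Jane Doe", "1985-05-12", "Ann Poe"),
]


def normalize(text):
    """Fold case, strip diacritics and collapse whitespace before comparing."""
    decomposed = unicodedata.normalize("NFKD", text)
    no_marks = "".join(c for c in decomposed if not unicodedata.combining(c))
    return " ".join(no_marks.casefold().split())


def resolve(subject, register, verified_attrs=None):
    """Match a certificate subject to register records.

    verified_attrs holds attributes the relying party checked by other means
    (they are not in the certificate). Returns (status, matches) where status
    is 'unique', 'ambiguous' or 'unknown'; only 'unique' should be accepted.
    """
    wanted = normalize(subject.common_name)
    matches = [r for r in register if normalize(r.name) == wanted]
    for field, value in (verified_attrs or {}).items():
        matches = [r for r in matches
                   if normalize(getattr(r, field)) == normalize(value)]
    if len(matches) == 1:
        return "unique", matches
    return ("ambiguous" if matches else "unknown"), matches


if __name__ == "__main__":
    cert = CertSubject("JOHN  DOE", "john.doe@example.org")
    print(resolve(cert, REGISTER))                                # name alone
    print(resolve(cert, REGISTER, {"birth_date": "1985-05-12"}))  # name + birth date
```

Name normalization, which any real matching needs, widens the candidate set; the name in the certificate alone never narrows it to one person here.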