Transcript E-Government - start [kondor.etf.rs]

E-Government
- Tutorial Reengineering of the Government:
Services and Solutions
Authors:
Jasmina Pilipović, [email protected]
Prof. Dr. Miodrag Ivković, [email protected]
Prof. Dr. Dragan Domazet
Prof. Dr. Veljko Milutinović, [email protected]
What Will You Learn
From This Tutorial?
PART ONE
• INTRODUCTION
– What is E-government
• TECHNICAL ASPECTS
– The infrastructure of E-government
• DIGITAL GOVERNMENT APPLICATIONS
– Some examples that could be implemented
Page Number 2/80
What Will You Learn
From This Tutorial?
PART TWO
• ENCRYPTION
– DSA, RSA, Digital Signature
• SECURITY TODAY
– Digital Certificates, SSL
Page Number 3/80
What Will You Learn
From This Tutorial?
PART THREE
• SOME EXAMPLES AND CASE STUDIES IN THE FIELD
– Other Governments experiences, University research
• STRATEGY PLANNING
– Planning of E-government
Page Number 4/80
Part One
Introduction to E-Government
Digital technologies are fundamentally transforming
our economy and society,
and have potentials for transforming
the Government
Introduction
• E-government - the transformation of internal and external
business processes toward customer-centricity
based upon service delivery opportunities
offered by new communication technologies.
• It is connecting Citizens, Suppliers, Employees,
and other agencies securely using:
– The technologies of the Internet
– The standards of the Internet
– The public Internet
– Private intranets
Page Number 7/80
Introduction
• Information and service delivery:
– Whenever
– Whatever
– Wherever
Authentication
and
Security check
Agency #1
Citizens
Internet
E-government
center
Agency #2
...
Agency #n
Employees
Businesses
Private Gateway
Service Delivery
Agencies
Page Number 8/80
Introduction
•
E-government in the use of:
– Government itself (communication, services, information)
– Employees (advertising, education, instructing)
– Businesses (supplying, information, services)
– Citizens (online services, digital democracy)
Page Number 9/80
Introduction
•
Benefits:
– Efficiency
– Comfort
– Cost savings
– Progress
– Permanency
– Reduced redundancy
Page Number 10/80
Technical Aspects
Technical Aspects
• Designing and developing E-government
brings us a set of both technical and legal
difficulties to overcome
• The complexity of E-government architecture
will be presented with a model,
consisting of several segments:
– Sub-infrastructures
– Legal and political constrains
– Standards and protocols of networking
– Applications
Page Number 12/80
Technical Aspects
Digital government applications:
G2C
G2B
G2E
G2G
Operating infrastructure
Legislation
and
official
politics
Message and information
delivery
Network publishing
infrastructure
Technical
standards
and
network
protocols
Network infrastructure
Page Number 13/80
– Multiple networks connected together
– Various hardware technologies
LAW
• Network infrastructure
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– Various underlying communication technologies
– Information superhighway
Network N
Network 1
Network 2
Page Number 14/80
– Ability to present text, images, video,
LAW
• Network publishing
and audio contents
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– Various tools and languages for designing
– Client/server architecture
– Static and dynamic contents of WWW
HTTP
CLIENT
The client sends HTTP message to a computer
running a Web Server program and asks for a document
SERVER
INFORMATION
The Web server sends the hypermedia
HTML documents to the client
Page Number 15/80
– Search engines and algorithms
– Delivery of both unstructured and structured data
LAW
• Message and information delivery:
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– Unstructured delivery via faxes and e-mails
– Automatic interchange of structured information
– Error and control handling
Page Number 16/80
– Privacy:
Governments need to protect citizens’ privacy
Problem of involuntarily provided information
LAW
• Operating infrastructure:
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– Security:
Protection of data - stored and during transaction
– Authentication:
The identity of parties in a transaction is verified
– Confidentiality:
No eavesdrop on the transaction in progress
Page Number 17/80
The most widely used way of purchasing
over the Internet is Credit Card
LAW
– Monetary system:
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
Electronic Cash is informational equivalent
of physical bank notes and coins
Electronic Cash can offer such benefits as
anonymity of the buyer
global acceptance…
Credit Card will be dominant
for at least the next few years.
Page Number 18/80
– Classes: G2G, G2E, G2B, B2G, G2C, C2G
LAW
• Digital government applications:
– Online services for citizens and businesses
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– Intergovernmental and employees communication,
managing digital documentation
– Government intranet as basic communicational,
informational, and organizational tool
Page Number 19/80
– Introducing digital era
into conducting governmental and commercial tasks
is opening an important question
considering legal protection and obligations
LAW
• Legislative and official politics:
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
E-services
E-management
E-government
E-politics
Page Number 20/80
– Exterior and inside attacks and misusage
– Electronic espionage and sabotage
LAW
• Major risks:
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– E-war
– Endangering rights and freedoms of citizens
– Corruption and organized crime
– Economical and financial malversations
– Intellectual property
– Monopolization in managing government affairs
Page Number 21/80
– TCP/IP as the network protocol
– SMTP and IMAP for mail transport
LAW
• Technical standards and network protocols:
C B E G
OPERATING
DELIVERY
PUBLISHING
NETWORK
TECH
Technical Aspects
– LDAP for Directory services
– HTTP for delivery of client transactions and information
• Agencies participating in E-government
should continually monitor
the development and implementation
of emerging standards
Page Number 22/80
Digital Government Applications
Digital Government Applications
• Hundreds of applications that could be developed
to allow businesses, citizens, and other governments
to interact with the Government digitally.
• There are at least four distinct aspects
of digital government:
– Information gathering
– Interactive service delivery
– Online supplying
– Digital democracy
Page Number 24/80
Digital Government Applications
• Information gathering
Citizens could have an insight on various types of
information, such as:
– Government services, agencies, and employees
– Event calendars, statistics, news
– Flight and train schedules
– Useful links
Page Number 25/80
Page Number 26/80
Digital Government Applications
• Information dissemination problem:
– Need for standardized information tagging system
– Expanding the amount of accessible information
– Develop “expert systems” to access information
– Make the Web the first place to put information,
not the last
Page Number 27/80
Digital Government Applications
• Interactive service delivery:
– Issuing permits and licenses, as well as renewing them
– Businesses and individuals could file tax returns directly,
at no cost
– Companies could file environmental compliance forms online
– Individuals could apply for Social Security benefits online
– Paying tickets, bills, memberships,...
Page Number 28/80
Page Number 29/80
Digital Government Applications
• Problems:
– Expand and standardize
the number of applications for online forms
– Whenever possible use Web based technology
– Online forms should use shared information
about the submitter
– Integrate forms
– Focus on intergovernmental solutions
Page Number 30/80
Digital Government Applications
• Online supplying:
– Number of items citizens and business partners
can purchase online
– With E-commerce countries can move to the center
of the virtual geography
– Collaboration with distributors and suppliers on scheduling
– Forecasting, and just-in-time replenishment of supplies
Page Number 31/80
Page Number 32/80
Digital Government Applications
• Digital democracy:
– Communication between citizens and authorities
– Access to reports, plans, and memorandums
– Chat rooms
– Communication between government employees
Page Number 33/80
Page Number 34/80
End of Part One
Authors:
Jasmina Pilipović, [email protected]
Prof. Dr. Miodrag Ivković, [email protected]
Prof. Dr. Dragan Domazet
Prof. Dr. Veljko Milutinović, [email protected]
Part Two
Encryption
Encryption
• Encryption techniques:
Transposition ciphers:
K=3
TRANSPOSE
T
R
A
N
S
P
O
S
E
TSERNPSAO
K=3
Substitution ciphers:
Symmetric encryption:
Asymmetric encryption:
SUBSTITUTE
USER
USER1
EK
EK1
VXEVWLWXWH
CRYPTOGRAM
CRYPTOGRAM
DK
DK2
USER
USER2
Page Number 38/80
Encryption
• Secret-key encryption:
– Shannon: confusion and diffusion
– Uniform encryption (module arithmetic)
– One-time pad (random key generation)
– DES (Data Encryption Standard)
IBM & National Bureau of Standards, 1977
Page Number 39/80
T (64 bits)
IP
L0
+
R0
K1
f
L1= R0
R1= L0 + f(R0, K1)
L15= R14
R15= L14 + f(R14, K15)
+
f
R16= L15 +f(R15, K16)
IP-1
K16
L16= R15
C
Page Number 40/80
R i-1
32 bits into 48 bits
EXPAND
Ki
+
S1
6 bits into 4 bits
S2
S3
S4
S5
P
S6
S7
S8
Permutation
f (Ri-1, Ki)
Page Number 41/80
P1
K
64 bits into 56 bits
64-bit key
C0
D0
LS1
LS1
C1
D1
Roll left for 1 or 2
positions
P2
K1
56 bits into 48 bits
LS16
LS16
C16
D16
P2
K16
Page Number 42/80
Encryption
• Public-key encryption:
– Substitution ciphering with two keys: private and public
Public
channel
message
E
D
message
cryptogram
Kpublic
Kprivate
Page Number 43/80
Encryption
– RSA algorithm (Rivest, Shamir & Adleman, 1977)
public key K = P * Q, P and Q are very long numbers
private key K’ = (2 * (P -1) * (Q - 1) + 1) / 3
encrypting: Ci = (Fi t) mod K
decrypting: Fi = (Ci K’) mod K
Page Number 44/80
Encryption
Example:
P = 7151
Q = 13259
K = 7151 * 13259 = 94815109
K’ = (2 * 7150 * 13258 + 1) / 3 = 63196467
Message: MARY HAD A LITTLE LAMB
ASCII REPRESENTATION:
77 65 82
65 32 76
76 65 77
for t = 3:
89 32 72
73 84 84
66 46 00
65 68 32
76 69 32
C1 = (776582 3) mod 94815109 = 71611947
D1 = (71611947 63196467) mod 94815109 = 776582 (!!!)
Page Number 45/80
Encryption
– Digital signature:
• Origin authentication
• Data-integrity authentication
• Non-repudiation
Variable length
Data…to…be…sent
Key Pair
Private key
Hashing Algorithm
Message Digest
Public key
Encrypt
Digital signature
Fixed length
(128 or 160 bits)
Page Number 46/80
Encryption
– Digital signature:
• Authentication check
SENDER
RECEIVER
Message
Message*
HA
Digest’
HA
DS
Digest
PRK
PBK
Digest’’
Equal?
DS
Page Number 47/80
Security Today
Security Today
• Digital Certificates
– Strong binding between the public key and some attribute
– Help someone receiving a message decide whether the
message, the key and the sender's name are what they
appear to be
– An electronic file that uniquely identifies communication
entities on the Internet
– Issued and signed by the Certification authority
Page Number 49/80
Security Today
• De-facto standard for digital certification is ITU-T
recommendation X.509:
– Certification Authority (CA)
(issues certificates)
Public key
value
– Subscribers
(CA Clients)
– Users
(the public in general)
cert holder’s unique
name
issuer’s unique name
version
serial number
signature algorithm
identifier
Certification Authority
validity period
extensions
CA’s private key
CA’s digital signature
Page Number 50/80
Security Today
• Secure Sockets Layer (SSL)
– A protocol designed to work at the socket layer, to protect
any higher level protocol built on sockets, such as telnet,
ftp, or HTTP
Page Number 51/80
Security Today
• SSL protocol is composed of two layers
• The Record Layer
– Connection security using data encryption
with symmetric cryptography
and message integrity check
– For every SSL session
we create a randomly generated temporary master key
Page Number 52/80
Security Today
• The Handshake Layer
CLIENT
SERVER
CLIENT-HELLO
(information on the cryptographic systems it is
willing or able to support)
SERVER-HELLO
(connection id, its key certificate, and information
about the cryptosystems it supports)
verifies the server's public key, and responds
with a CLIENT-MASTER-KEY message
CLIENT-FINISHED message
SERVER-VERIFY message
REQUEST-CERTIFICATE
CLIENT-CERTIFICATE
SERVER-FINISH
Page Number 53/80
End of Part Two
Part Three
Experience In The Field
Experience In The Field
• Early stage in the shift to government online
• The use of Internet is increasing each year
Page Number 57/80
Experience In The Field
• E-government relays not only on Internet delivery,
but telephone, digital TV, and kiosk delivery as well
Page Number 58/80
Experience In The Field
• New Zealand
Critical issues:
– Leadership;
– Strategy;
– Governance;
– Integration;
– Resourcing;
– Ensuring a focus on citizens;
– Avoiding the digital divide;
– Reskilling government;
– The need for communication.
Page Number 59/80
Experience In The Field
• September the 28th, 1999
By the year 2005:
– Electronically registering with central government
– Transacting all dealings with IRD online
– All government forms and all services available online
– People to have their say in the policy-making process
– Authorized accessing records of a person’s health information
– Electronically posting transactions and receiving documentation
– Recording change of address
Page Number 60/80
Experience In The Field
• The United States
– Week integration across federal services
or between states and federal government
– Lack of reliable authentication services – no paper ID card
– Digital divide is one of the major barriers
Page Number 61/80
Experience In The Field
• New York State’s major projects
– Establishing a statewide IP network;
– Implementing a comprehensive plan;
– Restructuring the state’s data centers;
– “Best Practices” sessions;
– Statewide legislation;
– Cooperation with local governments;
– Reviewing all purchases of technology;
– Participating in projects.
Page Number 62/80
Experience In The Field
• Australia
– Federal initiative was to deliver
all Commonwealth services electronically
via the Internet by 2001;
– In 1999, over 18% of all households
had home Internet access (79% of that in major cities),
and still made Australia
one of the most wired countries in the world
– One of the first e-government programs
was Multimedia Victoria (MMV) in Victoria
with initial strategy document in 1995
Page Number 63/80
Experience In The Field
• Australia
– The government is also derived into channels:
business, land, health channel, etc.
– Setting up an application
costs between
A$100k and A$200k
– Service providers are charged
80 cents to $2 per transaction.
Page Number 64/80
Experience In The Field
• United Kingdom
In 1999, UK published its White Paper:
Modernizing Government
– Electronic Procurement
(making 90% of low-value government procurement
electronic by April 2001);
– Government Business Processes
(equivalence to written and digital documents);
– Service and Information Delivery
(25% by 2001, 50% by 2005, and 100% by 2008);
Page Number 65/80
Experience In The Field
– Use of the internet is not as high as in
Scandinavia, the US, or Australia.
– The tax system is very complicated
– No single, integrated national database to be used to roll out ESD
– Opening of e-libraries and placing computers
in schools and neighborhoods
– Number of statutes in the UK that prevent
data gathered for one purpose to be used for another,
and the access to the data is seriously limited
Page Number 66/80
Experience In The Field
• Ontario, Canada
– In 1998, an Information & Information Strategy was released
– Too many IT systems with poor evidence of integration
among agencies and weak links to the broader public sector
Page Number 67/80
Experience In The Field
– Used technology was incompatible and variety of networks
made it difficult to implement systems across government
– Seven IT clusters were introduced:
Resource/land;
Economics/business;
Human Services;
Justices;
Community Services;
Transportation;
Finance.
Page Number 68/80
Strategy Planning
Strategy Planning
• Elements of a business case
– The following diagram illustrates some recommended steps
in the development of a business case
for government e-commerce initiatives:
Step 1: Identification of sustainable projects
Step 2: Value chain analysis
Step 3: Implementation
Step 4: Feedback and review
Page Number 70/80
Strategy Planning
– A list of topics that pertains to public e-commerce projects:
Case Dimension
Idea Generation
Customer and Market Research
Technology Development
Risk
Description
the source and impetus for a new project
an evaluation of the intended potential
users and beneficiaries of a project
an analysis of the technological resources
necessary to build and service a new project
uncontrollable factors that may jeopardize
implementation or customer adoption of a project
Approval Process
the level of authority within the government
required for project initiation
Success Measures
tools used to assess whether or not a project
has met its intended goals
Page Number 71/80
Strategy Planning
• Planning of E-government is characterized with complexity
and deep impact on society
• Issue Driven Planning (IDS)
Economical
growth
+
Telecomm.
&
Policy
+
Education
+
Government
Services
Digital
= Society
Page Number 72/80
Strategy Planning
• Planning issues important for successful development
– Motivation
– Budget
– Result measuring
– Development competency
– Contract and project managing
– Best practice
– Relationship managing
– Technology
Page Number 73/80
Strategy Planning
• Planning steps:
– Executive appointment
– E-government vision
– Global plan definition:
• Stage I - Strategy (what should be done)
• Stage II - Competency (what could be done)
• Stage III - Implementation (what will be done)
Page Number 74/80
Strategy Planning
• Strategy planning should start with a meeting:
Business strategy summary
Good practice strategy
Current trends
Current stage evaluation
Business targets report
E-government vision
E-government targets
Project candidates
Project priority criteria
Priority criteria evaluation
Alternative resources
Classification (G2C, G2B, G2E, G2G)
Project priority outcome
Project interoperability
Timing schedules
Alternative resources selection
Page Number 75/80
Strategy Planning
• Competency planning - Users and Government
• Users competency:
– Need for eye-to-eye contact
– Cultural and language restrictions
– Handicaps
– Economical status
– Geographical limitations
– Need for education
Page Number 76/80
Strategy Planning
• E-government competency:
– Leader competency
– Regulatory restrictions
– Handling with digital records
– Privacy and Security
– Central Authority (CIO - Chief Information Officer)
• strategic support
• technical support
Page Number 77/80
Strategy Planning
• Implementation planning:
Effects
Time
Approach
Integration
Projects
Service
Improvement
Operational
Improvement
Economical Analysis
Budget Evaluation
Timing and Resources
Schedules
Marketing Plan
Priorities
Profits
Page Number 78/80
End of Part Three
The End
Authors:
Jasmina Pilipović, [email protected]
Prof. Dr. Miodrag Ivković, [email protected]
Prof. Dr. Dragan Domazet
Prof. Dr. Veljko Milutinović, [email protected]