Final Project Report2

8/7/2019 Final Project Report2

1/47

PROJECT IN BRIEF

PROJECT TITLE: Transaction Processing System

UNDER TAKEN BY: Kiran Afshan

Huma Naz

Sobia Sheraz

SUBMITTED TO: MISS: Tahira Hasan

References:

Mr. Sohail KhanBranch ManagerSoneri Bank G-9 Islamabad

www.Soneri bank.com


2/47

Acknowledgement

All praise to Almighty ALLAH, the most merciful and compassionate, who enabled us to

complete this Project.

We express our gratitude to our kind course coordinator Miss Tahira Hasan who kept our moral

high by her suggestions and appreciation. She was available to us whenever and for whatever we

consulted her. Without her precious guidance and help we could never be able to complete this

task.

At last but not the least, we would like to acknowledge the support of our family members. We

would like to admit that we owe all our achievements to our truly, sincere and most loving

family members who mean the most to us, and whose prayers are source of determination for us.

2


3/47

PREFACE

This report is one of the necessary elements to

complete the course of E_Business; we try our best to

write this report in such a way that gives mor

information about the websites of Ministry of Education

to the reader in simple language.

For the sake of simplicity, we have divided this report

in portions. So, reader will not face any difficulty in

understanding this report.

We have also tried our level best to obtain as accurate

data and present all what we have learnt, in th

following pages.

We hope that this report will be a true representative

of our efforts and will satisfy the purpose, which we

were meant to achieve.

3


4/47

Chapter # 1

INTRODUCTION

4


5/47

INTRODUCTION

Many definitions exist for e-governance. E-governance is the interactionbetween government and citizens and government and businesses, as well

as in and government and businesses, as well as internal governmentoperations (Michiel Backus, 2001).E-governance brings the concept of good governance with itself whichincluded transparent, participatory, accountable, consensus orientedresponsive and effective and efficient government. E-governance refers tothe process of using information and communication technology automating internal operations of government as well as its externalinteractions with citizens and other businesses (Gyanendra NarayAmrutaunshu N. Nerurkar, 2006). E-governance incorporates process andstructures by which new ICTs can be organized by the government for e-

administration, e-business, e-citizen, e-services, e-society, and democracy.

The terms government and governance are often used interchangeably or inconjunction, so a certain level of clarification and distinction needs to be metbetween them in order to understand & visualize the conceptual overview ofelectronic versions of each. In the broader perspective, Government can bedefined as an institution which represents the people of any country andcarries out legislation process, policy and decision making and implementation in the interest of public. However, Governance is the resultand outcome of dealings of government with different tiers of society duringpolitical process, policy-making and implementation.

E-governance in the world

After few decades the war is not occur but electrical war decide who win andwho loss.E-governance is an emerging trend in the globalize world. Diffdeveloped and developing countries make efforts for successful governance. Europeans and Americas region get the lead in e-governancewhereas Asia, Africa and Oceania still trying to get huge success in e-

governance. E-governance provides unlimited benefits but e-governancealso contains the issue of digital bridge and design- reality gap. Developingand developed countries faces the problem of digital divide and design-reality gap.

5


6/47

E-governance in Pakistan

Electronic government directorate is wing of ministry of information andtechnology of Pakistan is responsible for

Preparation of e-government projects

Implementation of federal level e-government projects approved bygovernment.

Preparations of standards, guidelines.

Providing technical support to the federal, provincial, and districtdepartment.

In the context of Asia, Pakistan got eleventh position in e-governance and inworldwide ranking one hundred and thirty six is the position capture by

Pakistan (UNPAN, 2005). The position of Pakistan goes downs in the rankingof e-governance just in one year. Pakistan is a developing country anddeveloping country faces the problems and issue of e-governance withintensity. Digital divide, design and reality is not just issues but corruption,dishonesty, low literacy rate, lack of skilled and technical human resource,cultural differences, lack of funds and lackOf proper infrastructure make it more difficult to enjoy the facilities of e-governance.

This report focuses on e-governance Pakistan. We select website of ministryof education of Pakistan. E-governance is new concept in Pakistan so a lot ofcommitment and efforts are required. Not much research is available on thise-governance in Pakistan so we take this project as challengeopportunity.They use the Internet. Government, as a collector and source of information,could follow this trend, to serve its customers (citizens and businesses) betterand to save costs by making internal operations more efficient. If we look atglobal level, we shall know that there are 15.7 million people go online eachday. Internet is the fastest growing technology which took only 5 years to

achieve 50 million users whereas TV took 13 years and Radio took 38 years.

RESEARCH OBJECTIVE

The objective of this research is to analyze the Website of ministry ofeducation of Pakistan with respect to its design, model, internet marketing,legal ethical and social issues and computer and network security. Alsoconduct the SWORT analysis.

6


7/47

Importance of Government websites:Making government sites usable can help citizens understand

how their government works

how to access services

how to change the laws and policies under which they live.

Characteristics of good e-government sites:

1. The informational (institutional) side, which explains:a. Policies. For example, when the garbage is picked up,

which pets need licenses, etc.b. Political structure. For example, who reports to whom

and who is elected versus who is appointed.2. The actions (services) side, which lets people do such

things as:a. Pay taxes.b. Get a license renewed.c. Check who owns a building or factory.

E-government information architecture:

Information-oriented:Includes institutional policies, politics, and procedures.

Organized around citizens lives, not government bureaucracies. Action-oriented:

Online services. Accessible:

The site has to work for everyone. Navigable:

Understandable navigation, search, index with synonyms, sitemap.

Private and Secure:

What information is used for. How information is protected.

People dont want hackers getting their ID numbers and datafrom government sites, or data from one government siteshowing up on another.

Easily maintained and added to

There are no million-ruble budgets for maintaining governmentsites.

7


8/47

LIFE CYCLE:

The four stages

1. In the embryonic stage, e-governance means being present on theweb, providing the public (G2C & G2B) with relevant information. Theformat of the early government websites is similar to that of abrochure or leaflet. The value to the public is that governmentinformation is publicly accessible; processes are described and becomemore transparent, which improves democracy and service. Internally(G2G) the government can also disseminate static information withelectronic means, such as the Internet.

2. In the growth stage, the interaction between government and the

public (G2C & G2B) is stimulated with various applications. People canask questions via e-mail, use search engines, and download forms anddocuments. These save time. In fact the complete intake of (simple)applications can be done online 24 hours per day. Normally this wouldonly have been possible at a counter during opening hours. Internally(G2G) government organizations use LANs, intranets and e-mail tocommunicate and exchange data.

3. With stage three, the complexity of the technology is increasing, butcustomer (G2C & G2B) value is also higher. Complete transactions canbe done without going to an office. Examples of online services arefiling income tax, filing property tax, extending/renewal of licenses,visa and passports and online voting.Phase three is made complex because of security and personalizationissues. E.g. digital (electronic) signatures will be necessary to enablelegal transfer of services. On the business side, the government isstarting with e-procurement applications. In this phase, internal (G2G)

8


9/47

processes have to be redesigned to provide good service. Governmentneeds new laws and legislation to enable paperless transactions.

4. The fourth stage is the when all information systems are integratedand the public can get G2C & G2B services at one (virtual) counter.One single point of contact for all services is the ultimate goal. The

complex aspect in reaching this goal is mainly on the internal side, e.g.the necessity to drastically change culture, processes andresponsibilities within the government institution (G2G). Governmentemployees in different departments have to work together in a smoothand seamless way. In this phase cost savings, efficiency and customersatisfaction are reaching highest possible levels.

In

Pakistan, e-governance is near to complete the embryonic stage and verysoon it will enter in growth stage. If government takes appropriate andrevolutionary steps to implement the e-governance, there is no doubt thatPakistan can become a role model for developing countries.

9


10/47

Chapter # 2SWORT ANALYSIS

10


11/47

SWOT ANALYSIS

SWORT analysis is presented on the basis of political, Social, economic andtechnological aspects. And analyze the challenges of e_governanace forPakistan as developing country.

Economic aspects related to e-governance are funding, cost-savings,business models, e-commerce, and spin-offs of e-governance.

Economic Aspects

Strength Weaknesses

E-governance argument forexternal fundingTransparency for businesses(procurement)

InvestorsBudgetcontrol

Opportunities Threats

Higher costefficiency

New business

Corruption

11


12/47

Political aspects related to e-governance include strategies and policies, lawsand legislation, leadership, decision making processes, funding issues,international affairs, and political stability.

12

Political Aspects

Strength Weaknesses


Combination withdemocratization reformsInternet as pull factorModern image

BudgetLack of cyber lawsNo problem owner withingovernmentSlow decision making processHierarchical structuresShort term approach due to

electionsIntegration and reform

Raise external fundingShow competitive edgeTransparency causes naturalchange of processes

Reinvent government

BureaucracyPiracy, misuseCorruptionMaintaining disorder, notransparencyPolitical instabilityResistance


13/47

Social aspects related to e-governance are people, (level of) education,employment, income, digital divide, rural areas vs. cities, rich vs. poor,literacy, IT skills.

13

Social Aspects

Strength Weaknesses


People eager to learn IT skillsSkilled people possible export

product

Basic education poorLow literacy

IT literacyDifferent languagesPublic acceptance of self-servicemodels

Skill shortage: competition withprivate sector

Employment increasesEducation system improvePeople get structural jobCheap manpower widely

availablePromotion of Internet

Brain drain IT skilled people aftertrainingInfluence of other culturesResistance of people

Digital dividePrivacy


14/47

Technological aspects involve software, hardware, infrastructure, telecom,IT skilled people, and maintenance, safety and security issues.

Technological Aspects

Strength Weaknesses


14

Shortage IT skills

High cost of internetHeterogeneous dataLack of ITstandards?Software licenses


15/47

Chapter # 3E-Business Model and Internet Marketing

15


16/47

E-Business Model Used by Ministry of Education for theirWebsite:

This website is based on portal model. (Vertical portal) .The model for e-governance is a one-stop portal, where citizens have accessto a variety of information and services. An ideal portal would be one foremployment where a citizen creates a profile and is presented with

employment opportunities at the federal, state, local, non-profit, andprivate-sectors.All the information regarding jobs, scholarships, polices and rules andregulations of ministry of education would be available at the portal, whichwould help the public at large.

Domain Name:

http://www.moe.gov.pk/Its domain name is short and easy to remember. It is the short form of

Ministry of Education.

Internet Marketing Research:

It is not used for internet marketing research and not keep record of theirvisitors.

Web Design:

1. As this is the government website. The color selection is good. Blue

and white color is used.

16
http://www.moe.gov.pk/http://www.moe.gov.pk/


17/47

2. Multimedia such as streaming video and audio are not use in thiswebsite because it is essential to know that there are few who haveaccess to ICTs, to digital information and knowledge, and to thebenefits of reform in governance.

3. Makes things easy to find Navigation Is simple and easy on the website:

Use A to Z dictionary in links

17


18/47

Use Site map

Include search options

4. One way information

Provide access to policies, budgets, and reports

18


19/47

Explain who does what

5. Two way information.

Encourage participation, listen well

19


20/47

E_Business Public Relation:

Keeps customers and company current on latest informationabout products, services and internal and external issues such ascompany promotions and consumer reactions

Public relation Methods used by Website of Ministry of Education:1. Provide media cell

Provide all press releases on the website.

2. Give all Publication

20


21/47

3. Provide curriculum and forms on the website

4. Special Events and functions on the website

21


22/47


23/47

Chapter # 4

Computer and Network Security

Website security policy for Ministry of Education Pakistan

The creation of a security policy for a website or web application should beone of the first steps in the software development life cycle. By defining thepolicy, it sets the basis and requirements for the subsequent system design.

Policy scope

A policy is a collection of high level statements of intent as opposed tostandards (a set of requirements about specific topics or technologies) andprocedures (describing a process of implementing a standard or a part of astandard). It should be reasonable, enforceable and auditable. The policy'sscope should be restricted to the single website or web application but must

23


24/47

encompass all components and related services. A web site / web applicationsecurity policy should be referenced in the primary corporate informationsecurity policy and mandated by the Chief Information Officer (CIO), orequivalent.

Website security policy

Defining a security policy can be a complicated task as each Governmentmust decide beforehand which aspects of protection are most important,thereby compromising between security and ease of use. When a Web site iscompromised, it can erode customer confidence and threaten enterprises intellectual property. Therefore, Web content should protected through content validation tools, digital signatures and digitalrights management. A good security policy will become a reference pointduring the development process but will need to be subsequently reviewedand updated as the project's requirements change.

The policy should be broad enough to include all development, laboratory,test and production systems since a data loss from any of these mightcompromise the project's security. Where requirements in the primarycorporate information security policy are not applicable, they should beidentified as such. Any primary requirements that contradict the projectrequirements should change the project requirements or be escalated to theprimary maintainers resulting in a change to the primary requirements or anexception that is explicitly documented.

A web site security policy would normally include:

o Data classification scheme

o Security rating scheme

o Constraints on data based on the schemes

o Authentication requirements

o Authorization requirements

o Encryption requirements

o System architecture

o Security testing scheme

o

Logging requirementso Relevant regulatory and legal requirements

An ideal Cyber Security Policy will ensure the existence of a sound andsecure e-governance and critical infrastructure base in Pakistan. The securityand safety of various ICT platforms and critical infrastructures in Pakistanmust be considered on a priority basis before any e-governance base is

24


25/47

made fully functional. With the introduction of computers, the need forautomated tools for protecting files and other information stored computers became evident. The information security is essential for a sharedsystem, such as a time sharing system, and the need is even more acute forsystems that can be accessed over public telephone or data network. The

second major change that affected security is the introduction of distributedsystems and the use of networks and communication facilities for carryingdata between terminal user and computer and between computer andcomputer. Network security measures are needed to protect data duringtheir transmission because virtually all business, Government and academicorganizations are interconnected their systems with a collection of networksreferred as Internet. A new approach to the standards based e-Governancethat simultaneously provides for the security and availability of networkresources is the need of the hour. This approach keeps information safe, yetavailable whenever, wherever and to whomever the needs dictate. TheNetwork and Information security standards need to be put in place forprevention of intrusions, detecting and removing malicious code, managingthe organizations security systems, ensuring the service continuity withproper disaster management, data protection with data backup and recoveryprocedures and many more.

Privacy and Security

The unregulated and accessible structure of the Internet has prompted manyto question the privacy and security of government websites. Public opinionsurveys place these areas near the top of the list of citizen concerns about e-

government. Having visible statements outlining what the site is doing onprivacy and security are valuable assets for reassuring a fearful populationand encouraging citizens to make use of e-government services information. However, few global e-government sites offer policy statementsdealing with these topics. Only 14 percent of examined sites have some formof privacy policy on their site, and 8 percent have a visible security policy.Both of these are areas that government officials need to take much moreseriously. Unless ordinary citizens feel safe and secure in their onlineinformation and service activities, e-government is not going to grow veryrapidly.

Need for StandardsSome standards are needed for implementation of a security policy.

Areas of Network and Information Security StandardsFollowing are some of the areas of Network and Information Security whereStandards need to be put in place in the context of e_Governance in theministry of education

25


26/47

o Data protection and Retention

o Backup and Recovery (Including Disaster Recovery and Service

o Continuity)

o Security Appliances (Firewalls, VPN Gateways, Content filtering,

Wi-Fi and more)o Electronic Mail

o SPAM Prevention

o Anti Virus

o Password Selection

o Early Warning Systems (Intrusion Prevention)

o Computer Emergency Response Teams (CERT)

o Digital Signature

o Electronic Commerce

System used by Ministry of Education for web security

Web Privacy Policy:

Ministry of Education website policy is simple. They collect no personalinformation about visitors unless visitors choose to provide that information.they do not give, share, sell, or transfer any personal information to a thirdparty.

Links to Other Sites:

MOE website provides links to many external websites. Visitors must beaware that when they leave the MOE website they will be going to sites thatare beyond their control and standards. visitors will always receive a noticewhen they are about to leave MOE site. Websites external to MOE have theirown privacy policies, and may collect data or solicit personal information.The privacy and security policies and procedures described for MOE do notapply to any external links. MOE suggest contacting these sites directly forinformation on their privacy and security policies.

26


27/47

Non-personal Information they Record:

During visit as visitors browse through the website or download information,MOE website operating system will automatically record some generalinformation about visitors.

During visit, web operating system will record:

1. The type of browser (such as "Netscape version X" or "InternetExplorer version X") that you are using.

2. The type of operating system that visitors use (such as Macintosh,Unix, or Windows).

3. The date and time visit website, and the web pages that visitors visiton their site.

4. The address of the previous website were visiting, if visitors linked toMOE from another website.

5. The Internet domain for Internet service, such as "xcompany.com" or"xcompany.net" if visitors use a private Internet access account or"yourschool.edu" if visitors connect from a college or universitydomain.

27


28/47

They use this information for statistical analysis, to help them make theirsite more useful to visitors. This tracking system does not record informationabout individuals.

Web Security Policy:

For security purposes and to make sure website remains available to allusers, MOE site use special software programs for monitoring network trafficto identify unauthorized attempts to upload or change information, orotherwise to cause damage to this government computer system. Theseprograms collect no information that would directly identify individuals, butthey do collect information that could help them to identify someoneattempting to tamper with this website. If visitors use website, visitorsshould understand that all activities may be monitored and recorded. Anyoneusing this system expressly consents to such monitoring.

WARNING

If such monitoring reveals possible evidence of criminal activity, monitoringrecords may be provided to law enforcement officials. Except for authorizedlaw enforcement investigations, they make no other attempts to identifyindividual users or their usage habits. They only use raw monitoring datalogs for determining trends in usage patterns and in diagnosing systemproblems.

Number of visitors

28


29/47

Cookies:A cookie is a small piece of information that is sent to visitors browser when

they access a website. The use of cookies is an industry standard and theyare found at most major websites. There are two kinds of cookies. A sessioncookie is a line of text that is stored temporarily in your computer's RAM. It

is never written to a computer's drive and it is destroyed as soon as youclose your browser. A persistent cookie is a more permanent line of text thatgets saved by your browser to a file on visitors hard drive. Depending onvisitors browser settings, you may receive notification that a site isrequesting cookie information, possibly with an expiration date. Persistentcookies have a future expiration date. Session cookies have no dateassociated with them.

On those pages where MOE uses "cookies" to facilitate visitors use of site, donot collect personal information about visitors and the cookie is destroyed

when visitors exit browser. There is no information stored on visitorscomputer and no unauthorized files are written onto visitors disk drives.These cookies are called "session cookies." They help visitors use websiteinteractively and are destroyed when visitors close their browser. These"session cookies" do not collect information about visitors, but only abouttheir browser "session." The cookie makes it easier for visitors to use thedynamic features of these web pages, without having to provide the same

29


30/47

information as visitors move from one page to another. visitors will find theuse of these "session cookies" on several of website data access tools.

To protect visitors privacy, be sure to close your browser completely afterthey have finished conducting business with any website that uses cookies.

If visitors are concerned about the potential use of information gatheredfrom your computer by cookies, visitors can set your browser to prompt youbefore it accepts a cookie. Most Internet browsers have settings that letvisitors identify and/or reject cookies.

Information from e-mail you send to MOE site:

If visitors decide to send us an e-mail message, the message will usuallycontain visitors return e-mail address. If visitors include personidentifying information in their e-mail because they want to address issuesspecific to visitors situation, they may use that information in responding tovisitors request, but it will be destroyed when they complete their returncorrespondence. Also, e-mail is not totally secure against interception. Youre-mail addresses are not sold, leased or shared with any non-governmentalor commercial entities without the user's consent. When a user has giventheir e-mail address for purposes of communicating with or requestinginformation from, that communication becomes part of the public record andmay be subject to public inspection and copying if not protected by law.Information submitted via e-mail or web forms may be at risk of beingintercepted, read or modified. Visitors are advised not to pass on any

personal and confidential information such as security passwords and creditcard numbers while using this Website unless specifically required by anauthorized person. Government of Pakistan shall not be liable for any misuseor loss of any such information.

30


31/47

Voluntary Submission of Information

On some of their web pages they provide forms that let you voluntarilysubmit personal information (such as e-mail address or name). For example,this occurs when visitors are registering for various conferences or training

sessions or when visitors sign up for our "Newsflash" subscription service. Inthose cases, all submitted information is used only for the expressedpurposes for which it is intended and is not made available to any thirdparty.

Pakistan.Gov is committed to protecting your privacy and to making youronline experience secure, comfortable, valuable and pleasant.Pakistan.Gov iscommitted to protecting your privacy and to making your online experiencesecure, comfortable, valuable and pleasant. They do not collect information about visitors unless they choose to provide that information.They may share necessary data with other Government agencies anddepartments. However, information collected is used only for ofpurposes, internal reviews, improvement of the content of Webcustomization of the content and layout of Website and to contact users.They do not use, share or pass on visitors information for commercialpurposes. All record keepers face the possibility of disclosure of their recordsin some civil, criminal, or administrative matter. Government of Pakistancould be required to disclose personal information in response to valid legal

31


32/47

processes such as a search warrant, subpoena, or court order. Disclosuresmay also be necessary to protect the Government's legal rights or duringemergencies if physical safety is believed to be at risk.

Security Measures

MOE take very seriously the integrity of the information and systems thatthey maintain. Hence, appropriate safeguards have been employed toensure that any personal information is secure from destruction, corruption,unauthorized access and breach of confidentiality.

Several steps have been taken to safeguard the integrity of their computersystems and networks. These steps include, but are not limited to individualauthentication, the security of transmitted data, security monitoriauditing and encryption of your information.

Is User Information Shared?

Except as provided by applicable laws, they do not collect, use or discloseuser information without the user's knowledge and approval. They do notshare user information with third parties unless they have informed usersabout the disclosures or have prior consent.

Can I Access and Correct My Personal Information?

Users concerned about information contained in their personal records

should contact the custodian of the record, which typically isgovernmental entity that collects and maintains the information. visitorsmay request changes or annotate their personal information if they believe itto be inaccurate by submitting a written request describing the error.

The Government of Pakistan does not collect any personally identifiableinformation other than what you provide. The automatic data recorded is notmatched with any of that personally identifiable information, thereforeinformation cannot be provided about visit.

Policy Revision and Notification of Changes

The Government of Pakistan may at any time revise or update this policywithout notice. They may inform their users about policy changes throughnotices on this page containing a version number and date. Any informationcollected under the current policy will remain subject to these terms.Information collected after any changes take effect will be subject to therevised privacy policy.

32


33/47

Security Issues in e-Government Applications

The main issues from the security point of view are the verification of theidentity of the server computer (Authentication), the integrity of message, confidentiality, and the privacy associated with the transmission of

the information. Although the authentication of the user is also desirable,simple user authentication mechanisms such as passwords are cost-effectivefor most of these applications.. Protecting the integrity of data, guaranteeingthe privacy of the citizens, and controlling the access to data only to theauthorized agents are undoubtedly the most relevant security issues in thiskind of applications. The integration of databases calls for a clear definitionof information ownership and access. Finally, for transactions and servicesamong government agencies and private corporations such as procurement,authentication and non-repudiation becomes important issues.Modern cryptography offers a series of technologies that can be used tosatisfy several security concerns. Although cryptographic techniques wereused initially to facilitate confidentiality and integrity of communications,recent uses (public key infrastructure, digital certificates, and disignatures) include authentication and non-repudiation. In a very simpleway, encryption is a process that consists in scrambling the original messagein an undecipherable form. Each encryption scheme has its own capabilitiesand limitations, and none of them is 100% secure. Finally, the humanelement involved in the implementation of any security system makes all ofthem vulnerable. Human error is identified as one of the main securitythreats and vulnerabilities in the form of imperfect designs, programming practices or user decisions.

Disability Access

Disability access is vitally important to citizens who are hearing impaired,visually impaired, or suffer from some other type of handicap. If a site is ill-equipped to provide access to individuals with disabilities, it fails in itsattempt to reach out to as many people as possible. Eleven percent ofgovernment websites had some form of disability access using measuresthat we employed. Web provide easy and accessibility for its visitors.

33


34/47

Chapter # 5

Legal and ethical issues Related to E-governance

34


35/47

Ethical Problems for e-Government:

It is claimed that there is a lack of fully developed rules and models ofbehavior in the kinds of electronic environments constituted by e-commerce

(Wielki, 2001). New ethical issues have arisen as business becincreasingly bound up with virtual behavior .The issues, which arise in e-business and e-Government, are intrinsically linked. The failure to developappropriate ethics for a virtual society may result in disorder overwhelmingdemocratic dialogue and in mistrust undermining commerce (Rogerson2002). The rapid diffusion of e-commerce in particular has placed existingnorms and moral behavior under pressure and may affect the successfulimplementation of successive governments visions of e-Government

TECHNOLOGY AND THE WORKPLACE:

Employees are accustomed to using the technology made available in theworkplace for purposes other than job duties. Although genediscouraged by employers, checking news headlines, doing some on on-lineshopping, or sending personal emails while at work are eveoccurrences. Many still feel as though these actions go unnoticed byemployers and assume, incorrectly, that their activities remain private.

Most (75 percent) medium and large companies use technology to monitoremployees email and Internet activities (George and Jones, 20Conversely, only 57 percent of employees think employers should have theright to monitor their email at work (Muhl, 2003). Despite employeeconcerns, sales of email monitoring software are expected to significantly, from $139 million in 2001, to an estimated $662 million in2006 (Wakefield, 2004). Reasons cited for monitoring include: potential legalliability (68%), security concerns (60%), and employee productivconcerns (45%).

The ease of use, and the speed at which information can be sent andreceived, causes difficulty for managers and technology professionals. Email,for example, sometimes lacks the formality a phone call or traditional letter

has. The lack of formality can cause the sender to pay less attention to thecontent, which may include items of a personal nature, seninformation, or information that could be considered offensive. Add to thatthe possibility that a message sent in confidence may be viewed by others,or the risk of uncontrolled distribution, and serious problems could occur forboth employer and employee (Adams, Scheuing, and Feeley, 2000).

35


36/47

1. Introduction:

Internet companies or ISPs publishes its information services in print andvarious electronic media, including Web-based formats. They are continuallyadapting to changes in technology to bring you the information you rely on

faster and more efficiently than ever before.

Websites publishes this Privacy Policy to reaffirm their commitment tomaintaining the privacy of customers in the electronic environment andinform them of their practices concerning the collection and usinformation they provide us.

In this Privacy Policy you will find a description of the policies andprocedures that make this Privacy Policy work for customers. They haveincluded in their Privacy Policy an explanation of their information practices,such as:

o What information they collect

o How they collect the information

o How they use the information

o How they provide choice to Users about how they use the

information they collect

o Whether they disclose the information they collect to third

partieso Whether third parties collect information through their Products

2. Websites Privacy Pledge.

Website makes the following pledge to heir customers:

o They are committed to protecting the privacy of Users at all

times.o They only shares Customer Information and other Personally

Identifiable Information with third parties as described in theirPrivacy Policy.

o They maintain security standards and procedures designed to

protect Customer Information and other Personally Identifiable

Information. They will continue to test and update ttechnology to improve their ability to protect CustomInformation and other Personally Identifiable Information.

36


37/47

3. Consent to Use Information:

By using any Product and/or by affirmatively accepting the LiAgreement or this Privacy Policy, each User consents to the collection anduse of all information that the User provides to Internet companies or ISPs,

all information that is provided to website on behalf of that User, and allinformation that it collects based on that User's use of the Products,including, without limitation, all Customer Information and other PersonallyIdentifiable Information.

4. Policies Regarding the Collection of Information:

At Internet companies or ISPs, their goal is to provide Users with qualityinformation, products, and services. They are also committed to providingUsers with responsive, personalized service, and keeping Users informedabout new information, products, and services that may be of immediateinterest to Users or that can help Users derive the greatest value from theProducts.

Customer Information is at the heart of their ability to provide superiorservice to Users. They describe in this Privacy Policy the types of CustomerInformation and other Personally Identifiable Information that they collect,and how and why they may share that Customer Information and otherPersonally Identifiable Information with others.

A visitor who browses the Web site is not required to reveal any Personally

Identifiable Information, such as name, address, or telephone number,unless subscribing to a product. Nor is such information collected passivelyby electronic means. Web servers collect other information such as the makeof a visitor's browser software and the Internet domain name of the locationfrom which the visitor enters. This information helps them diagnose technicalproblems and manage our sites by tracking user interests.

The primary reason that they collect and maintain Customer Information andother Personally Identifiable Information is to serve Users and administercustomer relationships. They may collect Customer Information and otherPersonally Identifiable Information from a variety of sources, such as thefollowing:

o Information Users provide them, such as information Users

provide to us in the registration process.o Information they receive from a Customer that purcha

Subscriptions for Users, such as registration information.

37


38/47

o Information about transactions by Users as part of the Products

or other User experiences with Internet companies or ISPs, suchas the information they receive when a User submits a questionthrough a search box in a Product. They collect CustomerInformation and other Personally Identifiable Information in a

number of ways, such as the following:o Registration Process:

In order to use their Products, each User may be asked tocomplete a registration process, which requires providingcertain registration information to Internet companies orISPs.

o Credit Cards:

They collect credit card information for billing purposes.For convenience of customers, they do not store, use, orshare credit card information for any other purpose

o

Log Files: They track information about each User's usage of the

Products in log files. They use this information as follows: To analyze trends To administer the Products To track statistical information about how Users use

the Products To gather broad demographic information fo

aggregate use Internet companies or ISPs does link informatio

regarding a User's usage of the Products to the User's

Personally Identifiable Information

Surveys and Promotional Activities:

From time to time websites may request information from Users viavoluntary participation in promotional or market research activities.

The information that they request may include contact information (such asname and business address), and demographic information (such as zipcode and age level).

5. Policies Regarding the Use and Disclosure of Information.

a) Information Use and Sharing:

They may use and share the Customer Information and other PersonallyIdentifiable Information that they collect among various departments withinwebsites and its subsidiaries that perform functions such as servicing User

38


39/47

accounts, preparing reports regarding Product use, market research, andpromotional activities. The reasons that they share this CustoInformation and other Personally Identifiable Information include following:

o To protect Users. They use the Customer Information and other Personally

Identifiable Information they maintain about Users andtheir use of the Products, including registratioinformation, as follows:

To help them identify Users. To help them prevent unauthorized persons from

accessing Customer Information and other PersonallyIdentifiable Information and the Product featuresthat they make available to specific Users for theiruse.

o To provide superior service.

They use Customer Information and other PersonaIdentifiable Information to respond quickly and efficientlyto User needs.

o To tell you about new or enhanced services and/or

products.

o By understanding more about Users and their use of the

Products, they can better meet User needs and determine

how other Product features could be of value to Users.

o E-mail Updates:

Once a User completes the registration process, websitesmay keep the User updated by e-mail on important newsand events concerning Internet companies or ISPProduct features, and other information that a websitedeems relevant.

By accepting the License Agreement and this Privacy Policyand by using any Product, each User agrees that websitemay contact the User by e-mail with respect to websiteand any aspect of the Products whatsoever.

o To improve and develop their information, products and

services.o Every Product feature that they offer is designed to

reflect the ways Users actually use the Products. They collect and analyze information about Product use so

that they can tailor new types of information, products andservices to meet User needs.

When it comes to sharing Customer Information and otherPersonally Identifiable Information outside Internet

39


40/47

companies or ISPs, they do so only for specific purposes.They share Customer Information and other PersonallyIdentifiable Information with third parties as follows:

o General

They reserve the right to share with websites subsidiaries

and/or other reputable organizations the followinginformation, for purposes of permitting those organizationsto sell their products and services to our Customers:

With respect to each Customer, the following currentinformation: company name, industry, business mailingaddress, and primary contact information (name, e-mailaddress, street address, mailing address, and telephonenumber).

With respect to each User, the following currinformation: name, industry, job title, business e-mail

address, office name (branch and main office), and mailingaddress. They reserve the right to share Customer Information and

other Personally Identifiable Information with third partiesthat provide hot links to the Web page http://www.bna.com/ to promote the Products, such asweb portals, or otherwise sell Subscriptions on our behalfthrough their own marketing channels. In certainstances, these parties will co-own certain CustomInformation and other Personally Identifiable Informationabout Product revenue generating activity that originates

from that third party. Such Customer Information andother Personally Identifiable Information may includewithout limitation, the following information: companyname, street address, e-mail address, contact name, leaddate, first sale date, and services accessed.

They reserve the right to share Customer Information andother Personally Identifiable Information with other thirdparties that perform services on our behalf, such ascompanies that help us market Products, renesubscriptions, or assist new customers.

They reserve the right to share all Customer Informationand Personally Identifiable Information with third partieswho act as independent contractors to help us administerthe Products, such as data centers that host our serversand technical system consultants who program ohardware and Software.

They reserve the right to share Customer Information andNon-Identifying Information in the form of aggregated

40
http://www.bna.com/http://www.bna.com/


41/47

demographic information that is not linked to PersonallyIdentifiable Information with our subsidiaries, advertisers,and other third parties.

They reserve the right to disclose certain CustomInformation and Personally Identifiable Information to

government agencies and consumer reporting agencies aspermitted or required by applicable law. Websites maymake these disclosures for specific, limited purposes, suchas verifying individuals' identities (reducing fraud andidentity theft).

Website will also disclose a User's Customer Informationand Personally Identifiable Information when and to theextent they believe, in good faith, that they are legallycompelled to do so pursuant to an order of a court ofcompetent jurisdiction or other governmental body(including, without limitation, such disclosures required byapplicable securities laws as are necessary to complytherewith or with the rules and regulations of applicable stock exchange). In such an event, websites willuse reasonable efforts to do the following:

Give the User reasonably prompt written notice of suchrequirement so that the User has an opportunity comment thereon or object thereto and to preserve theconfidential nature of the Customer Information anPersonally Identifiable Information that website is requiredto disclose.

At the User's expense, use commercially reasonable effortsto cooperate with any of the User's efforts to preserve theconfidential nature of the Customer Information anPersonally Identifiable Information that a website required to disclose.

o User Information

They reserve the right to share a User's CustoInformation and Personally Identifiable Information withthe Customer who purchased the User's Subscription.

They also reserve the right to share a User's Customer

Information and other Personally Identifiable Informationin the manner described in Privacy Policy.o Customer Information

They also reserve the right to share the aggreCustomer Information and other Personally IdentifiableInformation for any Customer with respect to all Users forwhich that Customer purchased a Subscription in themanner described in Section 6 of this Privacy Policy.

41


42/47

b) Policies Regarding the Use and Disclosure oInformation about Former Customers:

For a period of time after a Customer relationship ends, ourpolicies and practices regarding the use and disclosure

Customer Information about former Customers are the same asthose regarding the collection and disclosure of CustomInformation and other Personally Identifiable Information aboutexisting Customers. However, after the relationship ends, theymay use such Customer Information and other PersonaIdentifiable Information about former Customers less and lessover time. They reserve the right to eventually remove suchCustomer Information and other Personally IdentifiableInformation about former Customers from our records.

c) Links to Third Party Web Sites:

The Internet Privacy Policy applies solely to the Products. TheProducts may contain links to Web sites owned and operated bythird parties. Any User's use of third party Web sites is at theirown risk and subject to any terms and conditions of use, policiesregarding the collection of information, privacy policies, andother practices and procedures for such Web sites. Website isnot responsible for any such terms and conditions of use, policiesregarding the collection of information, privacy policies, or otherpractices and procedures of the third party Web sites that a User

may access through hot links in the Products. They cannotguarantee how these third parties use cookies or whether theyplace cookies on your computer that may include CustomerInformation and other Personally Identifiable Information. Theyencourage Users to be aware when they leave the Products andto read any terms and conditions of use, policies regarding thecollection of information, privacy policies, and other practicesand procedures of each Third Party Web site before Usersprovide them with any Customer Information and otPersonally Identifiable Information.

6. Information Confidentiality and Security:

Web site is committed to prevent any unauthorized access toeach User's Customer Information and other PersonalIdentifiable Information. They maintain procedures andtechnology designed to prevent such unauthorized access.

42


43/47

a) Security Programs:

No one can guarantee that data transmission over the Internetwill be 100% secure. Nevertheless, web site has taken technical,administrative, and physical steps to protect again

unauthorized access to Customer Information and othPersonally Identifiable Information used to administer icustomer accounts. All such information is handled securelywithin website and is not disclosed to unauthorized third parties.

b) User IDs and Passwords. Each User is responsible formaintaining the confidentiality of his or her User ID password, and is responsible for all Product activities that occurunder his or her User ID and password, including, withoutlimitation, all related Customer Information and other PersonallyIdentifiable Information. Each User agrees to immediately notifywebsite of any unauthorized use of his or her User ID orpassword or of his or her Customer Information and otherPersonally Identifiable Information or any other breach security regarding the Products or his or her CustoInformation and other Personally Identifiable InformationWebsites will not be liable for any Loss whatsoever arising froma User's failure to comply with these security requirements andeach User agrees to hold websites harmless from any and allLosses that arise from that failure to so comply.

7. Tips To Help You Protect Your Information:

If any User suspects that someone has had unauthorized accessto his or her account, or access to his or her CustomerInformation and other Personally Identifiable Information, suchas his or her User ID or password, the User should send an emailto [email protected] immediately so they can takeappropriate action to protect the User and his or her CustomerInformation and other Personally Identifiable Information.

In addition, Users may want to consider if it is important toreport the crime to local law enforcement agencies and to theFederal Trade Commission (FTC). To enter information about anycomplaint into a secure FTC online database, sign www.consumer.gov/idtheft. The site also provides links numerous consumer education materials.

43
mailto:[email protected]://www.consumer.gov/idtheftmailto:[email protected]://www.consumer.gov/idtheft


44/47

Chapter # 6

Recommendations

44


45/47

Recommendations for Web Design:

One way Information:

Show how decisions are made by ministry of education like how tospeak at a meeting, when and where meetings are held etc

Organize information by peoples life events, not by governmentorganization charts

Two ways Information:

Provide live and online forums where visitors can share ideas andinformation about government education polices. Through online

forum and live discussion it is east to check people response aboutgovernment polices about education whether their response is positiveor negative.

Accept proposals from citizens.

Let people to do things like submit their forms and application online

Improve public relationship by

Video clips about new, meetings, and press releases should be

available on the website. With the improvements in one way and two way information

distribution public relation should also improve.

To be recorded as accessible to the disabled, the site had to display featuresthat would be helpful to the hearing or visually impaired. For example, TTY(Text Telephone) or TDD (Telephonic Device for the Deaf) phone numbersallow hearing-impaired individuals to contact the agency by phone. Second,the site could have web accessibility features consistent with standards

mandated by groups such as the World Wide Web Consortium (W3C) or locallegislative acts. Finally, if the site provided text labels for graphics or textversions of the website, it was counting as having some degaccessibility.

Foreign Language Access

45


46/47

Few city government websites have bi-language features that allow accessto non-native speaking individuals. By bi-language feature, we mean anyaccommodation to the non-native speakers, such as text translation into adifferent language.

Takes help from standard companies

Oracle is known to offer the most secured computing environment, and hasbeen certified against 14 standards of security requirements in thegovernment, defenses and financial services industries. Ministry may takeshelp from oracle for security in following areas

o Selective Encryption

o Evaluated Security

o Proxy authentication

o

Three tier securityo Label base access control

Recommendations regarding ethical issuesThe site of Ministry of Education provides physical environment consisting oftemporal and geographic boundaries.RECOMMENDATIONS: To keep track of their visitor, the site should use A tailored web experience but at the same time its a violation of theprivacy The site should avoid surveillance. Reasons for surveillance are: Slower transmission times Harassment suits Low productivity The site should follow the stated policy regarding the collection anuse of visitors personal information by using Privacy policy services andsoftware i.e.

PrivacyBot.com TRUSTe The ministry of education should be responsible for a fair use ofcopyright i.e. The use of a copyrighted work for education, research, criticism The purpose of the copyrighted work is examined The nature of the copyrighted work is taken into account

46
http://www.privacybot.com/http://www.truste.com/http://www.privacybot.com/http://www.truste.com/


47/47

The amount of the material that has been reproduced is reviewed The effect is taken into consideration

The site should promote online commerce by legitimizing onlinecontractual agreements

Documents

Final Project Report2