Week 3

E-GOVERNMENT

Security

PRIVACY

Learning outcome

• At the end of this slide, student can:

• 1) Explain the network security• 2) Understand the contribution of security and privacy to

inviduals

Definition

•Assure their citizens that the information are secured and protected from unauthorized use

• Increase the level of personal information available online

Conceptual Security Model

Conceptual Security Model

• Integrate the various aspects of security services, mechanisms, objects and management functions

• Components• Security management• Security services• Security mechanism• Security object

Security Component

• Security management• Security services• Security mechanism• Security object

Government initiatives• High spending in security products and services

• Well understood of ICT security technology

• High skilled and experience security expects

• Develop supporting infrastructure• A set of human element development• Support mechanism to personnel

ICT Security Division•  Establish within MAMPU in Jan 2000• Keeper for public sector ICT security• Plans, coordinates , streamlines and consolidates

• A referral point for ICT security-related matters with government organization

• Responsible for ICT security training and acculturation programmed

ICT Security Division

•  Categories(framework):•Proactive measures

• providing ICT security documents

Malaysian Communications and Multimedia Commission(MCMC)

•Oversees the new regulatory framework Development and enforcement of access codes and standards.

•Ensures information security and the integrity and reliability of the network

Malaysian Communications and Multimedia Commission(MCMC)

•The MCMC has enforcement powers for offence relating to network security in the CMA.

IMPACT (an International Multilateral Partnership Against Cyber-Terrorism, set up by the Malaysian government)

Police Cyber Crime Unit

• The Royal Malaysia Police has established.

Criminal Investigation Department

Commercial Crime Investigation

Division

Technology Crime Investigation Unit

ICT Security Division

 Categories (framework):•Recovery measures•Continuous measures

Police Cyber Crime Unit

Investigate • Police officer

preventive • police

Establish forensic

computer laboratory

• Against commercial crime

Ministry of Science, Technology and Innovation (MOSTI)

• Formulation and implementation of :• national policy on ICT

• national information security policy• Encouraging research, development and

commercialization • Development and promotion of ICT industries.• CyberSecurity Malaysia (formerly is NISER)

• www.cybersecurity.my

Malaysian Computer Emergency Response Team(MyCERT)

• Provide an expert point of reference on network and security matters

• Reporting security incidents and facilitating communication

• Disseminating security information• Acting as a repository of security-related information,

acquiring patches, tools and techniques• Educating the public with regard to computer security

in Malaysia

NETWORK SECURITY

• EG*Net is the government’s dedicated network • Provide gateway to external network• Security technologies

Control access to application and data

• Authentication of individual• E-Government IT Policy and Standards

Control access to application and data

•Digital Identities and Signatures• CA

• Future plans• Combine smart card technology

Discussion questions1. What are the essentials components of a

security model?2. Justify the role of each ICT security departments.3. Why security is necessary for e-government?4. Explain about the e-government information

technology policy and standards.5. How to control the access to application and

data?6. Justify the important key technologies of network

security.7. What is the government upcoming plan for

security?