Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Towards An Information Security Maturity Model for Secure e-Government Services: A Stakeholders View
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
Stockholm University, Faculty of Social Sciences, Department of Computer and Systems Sciences.
2011 (English)In: Proceedings of the 5th International Symposium on Human Aspects of Information Security & Assurance, HAISA , 2011, 58-73 p.Conference paper, Published paper (Refereed)
Abstract [en]

The paper proposes a comprehensive information security maturity model (ISMM) that addresses both technical and socio/non-technical security aspects. The model is intended for securing e-government services (implementation and service delivery) in an emerging and increasing security risk environment. The paper applied inductive approach that utilizes extensive literature review and survey study approaches. A total of eight existing ISMMs were selected and critically analyzed. Models were then categorized into security awareness, evaluation and management orientations. Based on the model’s strengths – three models were selected to undergo further analyses and then they were synthesized. Each of the three selected models was either from the security awareness, evaluation or management orientations category. To affirm the findings – a survey study was conducted into six government organizations located in Tanzania. The study was structured to a large extent by the security controls adopted from the Security By Consensus (SBC) model. Finally, an ISMM with five critical maturity levels was proposed. The maturity levels were: undefined, defined, managed, controlled and optimized. The papers main contribution is the proposed model that addresses both technical and non-technical security services within the critical maturity levels. Additionally, the paper enhances awareness and understanding on the needs for security services be an integral part of e-government services to stakeholders.

Place, publisher, year, edition, pages
HAISA , 2011. 58-73 p.
Keyword [en]
e-Government, Information security, Maturity model, Security services, Technical and Non-technical security
National Category
Information Systems
Research subject
Computer and Systems Sciences
Identifiers
URN: urn:nbn:se:su:diva-67206ISBN: ISBN: 978-1-84102-284-0 (print)OAI: oai:DiVA.org:su-67206DiVA: diva2:469623
Conference
International Symposium on Human Aspects of Information Security & Assurance (HAISA 2011), London, July 2011
Available from: 2011-12-26 Created: 2011-12-26 Last updated: 2012-10-08Bibliographically approved
In thesis
1. A Framework for Securing e-Government Services: The Case of Tanzania
Open this publication in new window or tab >>A Framework for Securing e-Government Services: The Case of Tanzania
2012 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

e-Government services are becoming one of the most important and efficient means by which governments (G) interact with businesses (B) and citizens (C). This has brought not only tremendous opportunities but also serious security challenges. Critical information assets are exposed to current and emerging security risks and threats. In the course of this study, it was learnt that e-government services are heavily guided and benchmarked by e-Government maturity models (eGMMs). However, the models lack built-in security services, technical as well as non-technical; leading to lack of strategic objectives alignment between e-government services and security services. Information security has an important role in mitigating security risks and threats posed to e-government services. Security improves quality of the services offered.

In light of the above, the goal of this research work is to propose a framework that would facilitate government organisations to effectively offer appropriate secure e-government services. To achieve this goal, an empirical investigation was conducted in Tanzania involving six government organizations. The investigations were inter-foiled by a sequence of structural compositions resulting in a proposition of a framework for securing e-government services which integrates IT security services into eGMMs. The research work was mainly guided by a design science research approach complemented in parts by systemic-holistic and socio-technical approaches.

The thesis contributes to the empirical and theoretical body of knowledge within the computer and systems sciences on securing e-government structures. It encompasses a new approach to secure e-government services incorporating security services into eGMMs. Also, it enhances the awareness, need and importance of security services to be an integral part of eGMMs to different groups such as researched organizations, academia, practitioners, policy and decision makers, stakeholders, and the community.

Place, publisher, year, edition, pages
Stockholm: Department of Computer and Systems Sciences, Stockholm University, 2012. 107 p.
Series
Report Series / Department of Computer & Systems Sciences, ISSN 1101-8526 ; 12-010
Keyword
e-Government, information security, maturity models, services, technical security, non-technical security
National Category
Computer Systems
Research subject
Computer and Systems Sciences
Identifiers
urn:nbn:se:su:diva-80722 (URN)978-91-7447-583-8 (ISBN)
Public defence
2012-12-11, Sal C, Forum 100, Isafjordsgatan 39, Kista, 15:00 (English)
Opponent
Supervisors
Note

At the time of the doctoral defence the following paper was unpublished and had a status as follows: Paper nr. 6: In press

Available from: 2012-11-19 Created: 2012-09-27 Last updated: 2012-10-23Bibliographically approved

Open Access in DiVA

Fulltext(593 kB)3067 downloads
File information
File name FULLTEXT02.pdfFile size 593 kBChecksum SHA-512
b093f4872ce5dc8ce33f77f2066808b06571c08dd71d339079b8e6fc5a437c1609f46067bd9a005fc327a59ce9c9350edd5203e8c0fd73d6af696a5d62b65c7a
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Kowalski, StewartYngström, Louise
By organisation
Department of Computer and Systems Sciences
Information Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 3425 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

isbn
urn-nbn

Altmetric score

isbn
urn-nbn
Total: 356 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf