Security Management Framework for Registry System Operating Environment

Information Engineering
Mohammed Abdul Jabbar Hammeid
Dr. Mahmood Khalel Ibrahem

E-government is narrowly defined as the use of information technology,
especially the Internet and the intranet, to deliver government services and information to citizens, businesses, and other government bodies.
E-government is the most important accomplishment of Internet. There is, however, one main downside that is occurring within each process of egovernment,namely security.
E-government systems are facing many security challenges like authentication, confidentiality and data integrity. A crucial part of managing information security is having a framework and set of standards to which all the necessary areas of information security in the organization are maintained.
As a web-based application, e-government also facing additional threats, represented by the three most common web vulnerabilities (SQL injection, Denial of Service and Cross-site Scripting).
Registry system is one of e-government applications that responsible for managing citizens' records.
The proposed system presented in this thesis is a dynamic web application, suggests a security framework for registry system in e-government environment. The proposed framework presents a secure e-government model, provides three main security services (authentication, confidentiality and integrity), and overcome the web application vulnerabilities that threaten e-government systems.
Three informational services (Civil information, Passport and Driving license) were presented as e-services. To prevent the back end sub-systems from attack, the front end sub-system (portal) was developed as a middleware system.
This application will help in citizens' adoption for public e-services and guaranty their sensitive information to be immune and integrated.