National Conference on Communication Technologies & its impact on Next Generation Computing CTNGC 2012 Proceedings published by International Journal of Computer Applications® (IJCA) 31 Security Metrics and E-Governance Portals Subhash Chander Govt. P.G. College Sector – 14, Karnal Haryana (India) Ashwani Kush University College, Kurukshetra University, Kurukshetra ABSTRACT The major problem of modern Indian society is corruption, bureaucracy and security of information systems. Government is trying to provide many basic services online to its citizens. But major success has not been achieved on this side because success rate in implementation of e-governance projects is very low. There are so many security breach cases one can listen and see through various media in the modern society. In this paper certain challenges in implementation of e-governance systems in Indian democratic setup has been discussed. Certain solutions regarding the challenges are also highlighted. Particular security related metrics must be kept in mind while handling e- governance matters. Various Privacy, security and users in e- Governance related issues have been taken into consideration. Keywords Security, ICT, metrics, e-governance, threats, vulnerability 1. INTRODUCTION In the modern age of Information and Communication Technology (ICT) newer services are being made available online to the citizens. The term e-governance focuses on the use of ICTs by governments for its various governance related functions. The potential of networking, Internet and related technologies has transformed government structures and operations. E- Governance is related positively to rapport government citizen relationship and corruption reduction. Information technology (IT) has the potential to transform government structures and improve the quality of government services. Technology provides two main opportunities for government: (1) improved operational efficiency by reducing costs and increasing productivity; and (2) better quality services provided by government agencies [1]. Every state government is providing certain basic services like driving license, domicile certificate and caste certificate and others online to its citizens. E-government is to enable users to transact business throughout on 24×7 basis and saving the cost and improves government effectiveness [2]. Privacy and security of the these e-governance portals is necessary. Data available on the e-governance portals must be secure and managed properly for its effective use by users of the portal. Privacy and security include the features like privacy policies, authentication, encryption and data management [3]. For security measurements we apply certain metrics. Generally metric is used with respect to time but security metrics is used in different contexts. Two terms namely measurements and metrics are used interchangeably but there is difference between the two terms. Measurements are objective raw data whereas metrics are objective or subjective human interpretations of those data. Measurements are instantaneous snap shots of particular measurable parameters, whereas metrics are more complete pictures, and typically comprised of several measurements, baselines and other supporting information that provide the context for interpreting the measurements [4]. For information system security, the measurements are concerned with aspects of the system that contribute to its security. That is, security metrics involve the application of a method of measurement to one or more entities of a system [4]. There is a need to develop a broad assessment framework model which could give a direction to the assessment and learning’s which can go back into the project. At the same time it is very important to develop self-assessment models, which could be used at the conceptualization level itself, of e-governance project [5]. The rest of the paper is organized here as follows. Section 2 presents Challenges & solutions to e-governance implementation, Section 3 gives security metrics in e- governance, Section 4 gives security, privacy and users in e- governance and section 5 presents conclusion of the paper. 2. CHALLENGES TO E-GOVERNANCE AND SOLUTIONS There are various challenges to the e-governance in every country. But these obstacles become more prominent in case of developing countries. Because instead of having problems related with governance of the society there are certain other major hurdles like education, environment, infrastructure and social problems. India being largest democracy, and second largest in terms of population and having diversified geography itself poses great challenges in e-governance implementation. Mainly such hurdles and problems are divided in to technical, political, cultural and legal problems [6]. These challenges have been categorized into many ways namely technical, political, cultural, social and economical. 2.1 Technical In case of technical level hindrances infrastructure is stressed that work as a backbone of E-Governance. Technical challenges include interoperability, standardization, privacy and security [7]. Interoperability with existing software and hardware platforms is a key success factor. It is unlikely that available resources can support a full replacement of existing application. Hardware should be fully compatible with future technologies [7]. If it is not feasible to work on the existing infrastructure then one has to think of the procurement of the new hardware or software. Unnecessarily procurement of hardware and software is not possible for developing countries. Infrastructure must provide secure and safe transactions for all the citizens whether illiterate or literate, rich or poor, young or aged. In various applications of e-governance there is requirement of online transactions. All these transactions must be performed in a secured manner which is only possible in case of good and secure infrastructure including hardware and software installations at the sites. 2.2 Political Political will is necessary in case of secured e-governance in Indian culture. It can be seen that various southern states namely Gujarat, Maharastra, Karnatka, Andhra Pradesh have done well in e-Governance field as compared to various other northern states including Punjab, Haryana, Himachal Pradesh etc. One of the important reasons in making such a progress is political will of the head of the states. This is only possible in case of