E-GOVERNMENT SECURITY ARCHITECTURE
The security architecture of E-governance is a high level document that set the security goals of e-governance project and describe the procedure that need to be followed by all the e-governance hierarchy such as users, businesses, operators etc.
Security Layers Description
Network Security: (authentication, firewall protection, network intrusion detections,)
Application Security: use of software, hardware, and procedural methods to protect applications from external threats.
Personnel/User Security: various authentication mechanisms for verification of user identify such as two-factor authentication, biometrics
Data Security: deals with security mechanism adopted for keeping data protected from corruption and unauthorized access to ensure data privacy
Platform /Host Security: Platform security deals with the security mechanisms adopted on servers, workstations and operating systems.
Physical Security: Physical security refers to the security characteristics concerned with restricting physical access by unauthorized personnel
Cross Pillars
Incident Response: to address and manage any security breach or attack.
Business Continuity and ICT Disaster Recovery: ensure that essential business functions and ICT operations can continue during and after a disaster.
Threat and Vulnerability Management: to identify risks and mitigation control in the ICT environment.
ICT Asset Management: to manage ICT assets throughout their lifecycle.
Measurement and Reporting: provides information on the health check of the ICT appliances and Systems.