Projects per year
Abstract
Security evaluation is crucial for any security-critical system. In this context, a system can mean technical systems, organizations, or any other entity with certain security requirements. The major challenge in doing risk analysis is the trade-off between completeness and complexity. When done on a more abstract level, certain risks are potentially overlooked. When done on a very detailed level, risk analyses quickly become complex and exceed available resources. To tackle this challenge, various norms and standards propose different security evaluation methodologies. These methodologies vary depending on their target scope. Also, these standards typically remain on a rather abstract level to ensure broad applicability to different systems. In practice, this often complicates the application of these standards to concrete technical systems. In this paper, we tackle this issue by proposing a customized security-evaluation framework tailored to the special characteristics of cross-border e-government services. The proposed framework does not re-invent the wheel but combines aspects and approaches of established norms and standards to cherry-pick from each standard those aspects most beneficial for the given context. We evaluated the proposed framework by applying it to a set of software building blocks, which have been developed in the Horizon-2020 project mGov4EU and leverage mobile cross-border e-government services in Europe. The conducted evaluation shows that the proposed framework facilitates the practical application of security evaluations in the targeted domain and supports evaluators in handling the trade-off between completeness and complexity.
Original language | English |
---|---|
Title of host publication | DGO '23: Proceedings of the 24th Annual International Conference on Digital Government Research |
Editors | David Duenas Cid |
Publisher | Association of Computing Machinery |
Pages | 536–543 |
Number of pages | 8 |
ISBN (Electronic) | 979-8-4007-0837-4 |
DOIs | |
Publication status | Published - 2023 |
Event | 24th Annual International Conference on Digital Government Research: dg.o 2023 - Gdansk, Poland Duration: 11 Jul 2023 → 14 Jul 2023 |
Publication series
Name | ACM International Conference Proceeding Series |
---|
Conference
Conference | 24th Annual International Conference on Digital Government Research |
---|---|
Abbreviated title | dg.o 2023 |
Country/Territory | Poland |
City | Gdansk |
Period | 11/07/23 → 14/07/23 |
Keywords
- Security evaluation
- Risk analysis
- Risk evaluation
- Security
- E-government
- e-Government
ASJC Scopus subject areas
- Software
- Human-Computer Interaction
- Computer Vision and Pattern Recognition
- Computer Networks and Communications
Fingerprint
Dive into the research topics of 'A Security-Evaluation Framework for Mobile Cross-Border e-Government Solutions'. Together they form a unique fingerprint.Projects
- 1 Finished
-
EU - mGov4EU - Mobile Cross-Border Government Services for Europe
1/01/21 → 31/12/23
Project: Research project